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About this guide 


Welcome to Qualys Cloud Platform! We'll show you how to use the Qualys CMDB Sync 
App to synchronize Qualys IT asset discovery and classification with the ServiceNow 
Configuration Management Database (CMDB) system. 


About Qualys 


Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of cloud-based security and 
compliance solutions. The Qualys Cloud Platform and its integrated apps help businesses 
simplify security operations and lower the cost of compliance by delivering critical 
security intelligence on demand and automating the full spectrum of auditing, 
compliance and protection for IT systems and web applications. 


Founded in 1999, Qualys has established strategic partnerships with leading managed 
service providers and consulting organizations including Accenture, BT, Cognizant 
Technology Solutions, Deutsche Telekom, Fujitsu, HCL, HP Enterprise, IBM, Infosys, NTT, 
Optiv, SecureWorks, Tata Communications, Verizon and Wipro. The company is also a 
founding member of the Cloud Security Alhance (CSA). For more information, please visit 
www.qualys.com 


Qualys Support 


Qualys is committed to providing you with the most thorough support. Through online 
documentation, telephone help, and direct email support, Qualys ensures that your 
questions will be answered in the fastest time possible. We support you 7 days a week, 
24 hours a day. Access support information at www.qualys.com/support/ 
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Welcome to Qualys CMDB Sync App 2.4 


The Qualys CMDB Sync App 2.4 for Configuration Management Database (CMDB) 
automatically synchronizes comprehensive information about your global IT resources 
that are continuously monitored by Qualys Asset Inventory. This leverages Qualys’ highly 
distributed and scalable cloud platform, and various data collection tools, including 
Qualys groundbreaking Cloud Agents, to compile and continually update a full inventory 
of your IT assets everywhere: on premises, in elastic clouds and mobile endpoints. 


Key Features 


- Asset information is automatically enriched with additional context such as lifecycle 
date and support stage, license category 


- For assets that already exist in both, asset metadata can be synchronized 

- Optionally, asset information is staged for user approval before being written to CMDB 
- Support for multiple Qualys accounts/API sources 

- Synchronization schedules can be configured and saved 


- Preconfigured table transform maps for open ports, assets, network interfaces, software, 
processors and volumes 


- Preconfigured reports 


- Preconfigured CI Class Manager that pre-populates the source-destination field 
mappings and also allows you to create your own mappings for CI Class. 


- Support for Cloud Data (metadata) synchronization for Amazon Web Services, Microsoft 
Azure, Google Cloud Platform cloud providers till staging area. 


What’s New 
Here's what's new in Qualys CMDB Sync App 2.4.0! 


In ServiceNow to Qualys Flow: 


- If Clis NOT present in Qualys: the CMDB sync app allows you to create and add dynamic 
asset groups or dynamic asset tags to Qualys assets when CI is not present in Qualys. 


- If Clis already present in Qualys: the CMDB sync app allows you to create and add 
dynamic asset tags using asset metadata while syncing business information with Qualys 
for existing Qualys assets. 
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Migration of Assets after Upgrade 


We do not support backward compatibility once you upgrade to Qualys CMDB 
Sync App 2.1 version. Once upgrade to 2.1 version and before you sync assets or 
create schedules, we recommend you to migrate all assets (that belong to 
Computer Extended tables) to the CMDB production tables. We provide a 
scheduled job for migration of such assets. For more information and detailed 
steps, refer to Migration Support. 


Pre-requisites 


You must have a valid Qualys account subscription with API Access and access to 
following modules: 


- Qualys Subscription with CyberSecurity Asset Management (Qualys to ServiceNow Sync) 


- Asset Inventory CMDB Sync enabled within your Qualys subscription (Qualys to 
ServiceNow Sync) 


- Vulnerability Management (ServiceNow to Qualys Sync) 
- To sync from ServiceNow to Qualys, you need a Qualys account with a Manager role. 
- The user's role must have the "Update Asset" permission for the CSAM module. 


(ServiceNow to Qualys Sync - Business Information Sync) 
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Get Started 


Here we'll help you with the initial configuration and setup needed to get started. 


Quick Steps 
Install the App - You'll get the app from the ServiceNow app store. 


Add API Source- Provide the API Source details and use Test Connection to know if the 
connection between ServiceNow and the defined source 1s working fine. 


Create Schedules - Provide details to create a schedule. Once a schedule 1s successfully 
created, the sync between the source and CMDB gets working as per the schedule. 


Update Properties - The Properties have pre-defined values, however you can always 
update a property to better suit your needs. 


Install the App 


Visit the ServiceNow Online Store. 


Search for Qualys CMDB Sync App, and click Contact Seller. Your Technical Account 
Manager (TAM) will contact you, and then ServiceNow provisions the app into an instance 
of your choice. The app then appears in the “Downloads” list of your instance. Click 
“Install” to start using the app. 


In the Search field, type Qualys CMDB Sync, and then select Qualys CMDB Sync App from 
the left pane. After you are done, new module appears in your ServiceNow instance that 
looks like this: 


. 
SEFVICENOW Service Management Q MOE 
A System Administration v 207 c 
System Administration 
Guided Setup System Security Business Logic 
EST c Guided Setup tools to help you set up ServiceNow £3 Configure and monitor Instance security settings mÍ © Manage workflow and behavior of applications 
e Data M t Di ti 
>_> a anagemen agnostics 
Ss oy applications to your instances 2 2 2 Manage the way data is stored and displayed | A | Performance, development and deb 
© LE = 
a Email ... Homepages Integration 
Customize behavior of inbound and outbound emai Configure homepages for Service Desk and Self Service Y x Integrate with 3rd-party systems and data sources 
SY @ users A K 
Reporting and Analytics User Administration User Interface 
Create visual representations c DH L Manage users, groups and their roles Control the look and feel of applications 
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Add API Source 


Once you install the Qualys App, you need to add the API source. Go to Qualys CMDB Sync 
App > Configuration > API Sources, and click New. 


= Qualys API Credentials +— : E 
€ @ Z— ooo Submit Test Connection 
>* Name Sample Source Active Y 
»k POD Qualys US Platform 1 alo Created 
> Username | jdoe Updated 
> Password — Qualys to ServiceNow 


Sync Count 


Enable Qualysto Y 


ServiceNow Sync? ServiceNow to Qualys 


Sync Count 


Enable ServiceNowto Y 
Qualys Sync? 


Enter required details to create the source: 
Name - Provide a name for the API source. 


POD - Click and select the valid Qualys POD. The Private Cloud Platform (PCP) users can 
create and add details of their PCP environment. For information on how to add custom 
pod details, see Add Custom Pod (PCP). 


Username and Password - Enter valid Qualys Cloud Platform credentials with API access 
enabled for the account on the selected POD. 


Enable Qualys to ServiceNow Sync and Enable ServiceNow to Qualys Sync - Select these 
options to allow uninterrupted sync between Qualys and ServiceNow. 


Active - Select this option to tell us the source is active and assets should be synced from 
the active source. In case of multiple sources, you can use this option to activate or 
deactivate a source. 


Sync Software Catalog 


Sync Software Catalog Sync Asset Tag/ Asset Group 


Sync Software Y @Last Sync 2021-04-28 21:48:00 
Catalog Timestamp 


To enable software catalog sync, check the "Sync Software Catalog" checkbox. Last Sync Pagination 
Software catalog data will be added in staging tables. Key 


Q Sync Notes | Sync: Completed Successfully at 


Sync Software Y 
2021-04-29 04:48:00 


Catalog to CMDB 


To sync software catalog data to CMDB, check the "Sync Software Catalog to CMDB" 
checkbox. 


select Sync Software Catalog option to enable software sync to staging tables. 
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By default, this check box is disabled. Only after you enable the Sync Software Catalog 
check box, the Sync Software Catalog to CMDB check box is displayed. Use this check box 
to enable software sync and add the software data to CMDB tables. Once the sync cycle is 
complete, the sync details are populated in Last Sync Timestamp, Last Sync Key and in 
Sync notes fields. 


Click Submit to create the API source. 


Then, after configuring and saving the API source, choose the record you just created from 
the API source list, open the record and click Test Connection. 


Add Custom Pod (PCP) 


Qualys provides you with pre-defined pod details for Qualys platforms. If you are a PCP 
user, we also give you the option to create and add details of your PCP environment. 


Here are the steps to add new POD entry/PCP URLs: 
1. Go to Qualys CMDB Sync App > Configuration > API Sources, and click New. 


a 
2. Click the search icon in the POD field. 


Æ POD Qualys US Platform 3 o 


The list of PODs - ‘Qualys PODs table is displayed. 
3. Click New to add POD information. 


= Qualys PODs ES Search POD T Search 


O = pop À 


N 


1 to&of8 


Search 
O Qualys Canada Platform 


@ Qualys EU Platform ] 


4. Provide the following information and save the custom record. 


a. POD: Name for the custom POD record 


& s 
b. Server: Click the unlock icon to provide the Server URL. 


c. Asset Inventory Server: Click the unlock 1con to provide the Qualys API Gateway URL. 
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The Qualys API URL you should use for Server and Asset Inventory Server fields depends 
on the Qualys platform where your account is located. For more information on Qualys 
platform URLs, see Qualys Platforms. 


= Qualys POD +— HET 
€ == Newrecord © —+ ooo | Submit 
POD | MyPCPPod 
server «Qualys API Server URL> ira 


Asset Inventory <Qualys API Gateway URL > ira 
server 


Submit 


Create Schedules 


You need to set up at least one schedule. You may eventually want many more. Once a 
schedule is successfully created, the sync between the source and CMDB gets working as 
per the defined schedule. 
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Qualys to ServiceNow Scheduling 


Go to Qualys CMDB Sync App > Schedules and select “Qualys to ServiceNow" for Sync 
Direction. 


— Schedules Ea 

< | ZZ Newrecord © L^ en 
Name Demo Schedule Run Periodically v 
Active — Starting | 20.09.2020 02:24:12 íi 

> APISource | test Q || © »k Repeat Interval Days 00 
Æ SyncDirection | Qualys to ServiceNow v Hours 00 15 00 
% Target Transform | Qualys CMDB Sync Computer TM à || © Last Run Timestamp ri 
Map 
Last Fetched Host Id 
Download Assets Since | 20.09.2020 02:24:12 SG 


API Filter | operatingSystem.categoryl:'Linux" 


Auto Approve 
Qualys to ServiceNow Sync — Meta Info 


Sync Ports Info Y 
Sync Volumes Info 


Sync Network v 
Interfaces Info 


Sync Software Info 


Submit 


Enter required details to configure the schedule: 
Name - Provide a unique name for your schedule that helps you identify your schedule. 


Active - Select to enable and activate the schedule you create. If you want to activate a 
schedule sometime later, you can disable this checkbox. 


API Source - Select the API Source. 
Sync Direction - Select Qualys to ServiceNow. 


Target Transform Map - Select the custom transform map that tells us which destination 
table to put the assets in. Support of Configuration Item (CI) Class Selection allows you to 
define/customize the destination tables into which the pulled asset information should go 
after the assets are approved. For more information, refer to Transform Maps section. 


Download Assets Since: Define the date and time to sync assets from Qualys to 
ServiceNow. The schedules will download the assets after the defined time. 


API Filter: Use search tokens to filter the assets as per the requirement. 
Example: operatingSystem.categoryl: 'Linux’ 


This token will list all the assets with the Linux operating system. 
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Click here for help on using the search tokens. 


Run, Starting, Repeat Interval - Tell us the frequency of the schedule to be executed. For 
example, you could schedule it periodically every 15 minutes. 


Auto Approve - Select this to enable auto-approval of assets. This will save the effort of 
manually approving the assets to be staged on the production tables. 


Qualys to ServiceNow Sync - Select the information we should fetch for each asset: Sync 
Ports Info, Sync Volumes Info, Sync Network Interfaces Info, Sync Software Info. 


For initial sync from Qualys to ServiceNow, we recommend that you plan your schedules 
at an interval of every fifteen minutes. 


Once you configure your selections, click Submit to create the schedule. 


Note: The Meta Info fields and few other blank fields such as Last Run Timestamp, Last 
Fetched Host Id are populated with information only after the schedule is executed. 
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Get Started 


Go to Qualys CMDB Sync App > Schedules and select “ServiceNow to Qualys” for Sync 


Direction. 


@ = ooo update | Execute Now | Delete ^ V 


Name SN-QG Demo Schedule Run | On Demand 


Active Y Last Run Timestamp | 2022-05-17 23:43:17 | E 


>K APISource  us-pod-2 a | O | 


ServiceNow to Qualys Sync | Meta Info | 


Asset Scope 


Table Computer [cmdb_ci_computer] 


Query Add Filter Condition | Add "OR" Clause | 


IP Address Y | | is one of vw 10.115.67.111 
10.113.195.144 


If Cl is already present in Qualys 


Sync Business Y 
Information to 


Qualys 


Asset Metadata Q | 


| 
Attributes 
company, created, department, environment, ip_address, last_updated, location, managed_by, owned_by, status, 


supported_by, support_group 


Business Application Services (cmdb_ci_service) 
Table 


Business Application & | 


Attributes 
business criticality, created, environment, last updated, managed by, operational status, owned by, status, supported by, 


support group, used for 


Business Services 2022-05-17 23:43:16 | 
Sync Last RunTime 


If CI is NOT present in Qualys 


Æ Tracking IP 
method 


Assign Tag/Group Dynamic Asset Group 


Asset Group Name 


Show available fields/columns 


EnableVM? v 


EnablePC? Y 


- 
Update | | Execute Now | | Delete 
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Enter required details to configure the schedule: 


Name Demo Schedule Run Periodically v 
Active Y Starting 2022-04-07 03:45:35 
»K APISource  us-pod-1 Q © Æ Repeat Interval Days 7 
*K Sync Direction ServiceNow to Qualys v Hours 2 00 00 


Last Run Timestamp 2022-04-01 03:58:18 


Name - Provide a unique name for your schedule that helps you identify your schedule. 


Active - Select to enable and activate the schedule you create. If you want to activate a 
schedule sometime later, you can disable this option. 


API Source - Select the API source. 
Sync Direction - Select ServiceNow to Qualys. 


Run, Starting, Repeat Interval - Tell us the frequency of the schedule to be executed. For 
example, we could configure to execute schedule only on-demand. 


ServiceNow to Qualys Sync - You can sync the IPs and Asset Metadata from ServiceNow 
to Qualys. 


For initial sync from ServiceNow to Qualys, we recommend that you plan your schedules 
at an interval of every ten minutes. 


Asset Scope: - Define the scope of assets to be synced. 


Asset Scope 


Table | Computer [cmdb ci computer] v 


Query Add Filter Condition Add "OR" Clause 


Asset Y is v a AND OR 


The Table and Query components allow you to select the asset metadata table as per 
your requirement. 


Filter the query by choosing from the default fields to sync asset metadata to Qualys. 
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If CI is already present in Qualys 


Configuration Item (CI) includes the base configuration for all the assets in the CMDB 
table. 


If Cl is already present in Qualys 


Sync Business Y 
Information to 
Qualys 


Asset Metadata AQ 
Attributes 
company, department, location, supported_by, support_group, last_updated, owned_by, status, ip_address, created, 
managed_by, environment 


Business Application Services (cmdb_ci_service) v 
Table 


Business Application a 


Attributes 
business_criticality, environment, supported_by, created, used_for, support_group, status, owned_by, operational_status, 
last_updated, managed_by 


Business Services | 2022-04-01 03:59:27 
Sync Last RunTime 


You can sync business information along with asset metadata to Qualys then enable the 
Sync Business Information to Qualys checkbox. 


Note: If you do not enable the checkbox then the asset metadata will not get synced. Only 
the asset with new IP addresses will get synced to Qualys. 


Asset Metadata Attributes: Unlock the Asset Metadata Attributes option by clicking the 
unlock button e| >Click Add/Remove multiple option. 


Asset Metadata company 
Attributes created 

department 
environment 
ip_address 
last_updated 
location à 
managed_by 
owned_by x 


status 


A new pop-up window appears, and you can select the attributes from the list. Use Add 
Filter and Run Filter options to isolate the records > click Save > Click the lock button to 
lock your selected attributes. 


Edit Members X 
Add Filter || Runfilter (2) 


— choose field -- " | —oper-— v | --value-- 


Collection List 


O 1 


N 


businessApp.Name company 

created 
department 
environment 
ip_address 
last_updated 
location 

> managed_by 
owned_by 

< status 
supported_by 
support_group 


Cancel STE 
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All of the selected attributes from the list can sync asset metadata from ServiceNow to 


Qualys. 


Appendix to view the mapping of the fields for asset and business application metadata 


Business Application Table: Select the table for business applications or services to get 


sync from ServiceNow 


- Business applications: Use to sync the CMDB configuration item application data. 


= Business Applications [Business Application ReadOnly view] m Search for text Y Searc for text v 


Y all 


$03 Q = Name = Description = Business process = Application type = Architecture type = Install type = Status 


Search Search Search Search Search Search Search 


In 


© KnowBe4 , 
Production 


KnowBe4 


(empty) 


- Services: Use to sync the CMDB configuration item services data. 


= Services New A ea Search for text Y Search 
Y All» Name = Campaign Management 
197 Q = Name = Business criticality = Environment = Managed by = Support group = Supported by 
=Campaign b Search Search Search Search Search 
Campaign 5 | € | 
(i) 2 - somewhat critical Development Patty Esposito Application Security Victor Johansson 
Management 


Searc for text 


Y 


= Technology stack 


Search 


= Owned by 


Search 


Sean Adams 


Searc. for text 


= User base 


Search 


= Location 


Search 


San Diego 


Business Application Attributes: Unlock the Business Application Attributes option by 


clicking the unlock button 


business_criticality 
created 
environment 
managed_by 
operational_status 
owned_by 

status 
supported_by 


Business Application 
Attributes 


& |> Click Add/Remove multiple option. 


A new pop-up window appears, and you can select the attributes from the list. Use Add 
Filter and Run Filter options to isolate the records > click Save > Click the lock button to 


lock your selected attributes. 


All of the selected attributes for the business applications or services can get synced from 


ServiceNow to Qualys. 
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Edit Members 


Add Filter | Runfilter (2) 


Collection List 


last_updated business _criticality 


Cancel 


Note: For Business Metadata sync, if CI is present in Qualys, then it must be synced into 
ServiceNow and transformed to CMDB tables at least once. That CI will be associated 
with a Qualys Asset ID, and it will be used to sync Business Metadata from ServiceNow to 
Qualys. 


Note: For Asset Metadata and Business Applications, ‘created and ‘last updated’ fields are 
mandatory for asset metadata sync and should not be removed; if these fields are 
removed, API calls to sync data will fail. 


If Sync Business Information to Qualys is enabled, you can configure the application to 
create dynamic tags for asset/business metadata attributes. 


To configure Dynamic Tagging for asset/business metadata attributes, navigate to 
Configuration > Dynamic Tagging Configuration. 
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Dynamic Asset Tagging Configuration 


We've added a new dynamic asset tagging configuration feature that allows you to 
automatically create and maintain tags based on CMDB business information (Status, 
Organization, Environment, Business Criticality, Business Application Attributes) and use 
them across all Qualys solutions/apps for VMDR prioritization, asset scoping, and 
organizing vulnerability scans and reports. 


=== Dynamic Tagging Configuration — 
< == Created 2022-03-16 03:35:00 @ zr 909 Update 


Enable Dynamic v 
Tagging 


You can either select the existing tag as a parent tag for creating dynamic tags for the business metadata. If a parent tag doesn't exist in the Qualys Subscription, the 
application will create a new static tag with the same name. 


Use ParentTag Y 


»K Parent Tag Use Existing Tag v 
Creation 
Æ Select Tag SanDiegoParent a O 
Update 
= Attribute List for Taggings Search Attribute Attribute Name Y | Search 1 to6of6 E 


za E Tagging Configuration record = 56ca13c51b9ec110085afe651a4bcbfd 


£08 a z Attribute Name z Active = Parent Tag Name = Selected Parent Tag = Tag Prefix Value = Sample Tag Name 
support grou true attributeparent GpSgSnowParis support grou -QuebecParenttag 
ibu i 

© support group p SRE pport_group_ - attributeparent... 
businessApp.Name true empt 

O TL (empty) - Test Web App 
department true empt 

© SSR (empty) - Engineering 
environment true empt 

O (empty) - Production 

Actions on selected rows... v 1 to 6 of 6 


Enter required details to configure the dynamic asset tagging: 


Enable Dynamic Tagging - Select the checkbox to enable the dynamic tagging 
configuration. 


Once you enable the dynamic tagging configuration, a new option, Use Parent Tag will 
appear, and it will help you to set the Parent Tag. 


Use Parent Tag - Select the checkbox to enable the options to create or use any existing 
tag. 


Note: If you don't enable the parent tag, then the dynamic tag will be created without any 
hierarchy. 


Parent Tag Creation - Use this option to create a new tag or select any existing tag. 
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Enter Parent Tag Name - Use this option to provide and set the name of your parent tag. 


=== Dynamic Tagging Configuration =— 
x E Created 2022-03-16 03:35:00 © ¿+ ooo Update 


Enable Dynamic 


Tagging 


You can either select the existing tag as a parent tag for creating dynamic tags for the business metadata. If a parent tag doesn't exist in the Qualys Subscription, the 
application will create a new static tag with the same name. 


Use Parent Tag Y 


»K Parent Tag Use Existing Tag v 
Creation 


»K Select Tag SanDiegoParent O 


Update 


PS 


The Select Tag will appear on the page if you select the “Use Existing Tag” option from the 
Parent Tag Creation field. It will make 1t easier for you to choose the appropriate tag. 


Select Tag - Use this option to select an existing tag. Select any existing tag from the Asset 
Tag List by using the Search button. 


Note: You can select the existing tag as a parent tag to create dynamic tags for the 
business metadata. If a parent tag doesn't exist in the Qualys Subscription, the application 
will create a new static tag with the same name. 


Save - Click save to save your parent tag configuration. 
Once the tags for the attributes have created, the business metadata will get synced. 


When the business metadata get synced, Qualys automatically generates the tags for the 
asset 9 attributes in the backend. 


You can select or deselect attributes from the attribute list to create the tag according to 
your preferences. 


Note: If you don't want to tag to be created for any attribute, then make that attribute 
active false. 
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Attribute List for Tagging 


In the attribute list for tagging section, you can create and add the parent tag. 


== Attribute List for Tagging — 
€ ZZ Created 2022-04-29 03:11:21 @ E ooo Update N 


Attribute support_group a O 


Active Y 


Create Parent Tag in the hierarchy to create the dynamic tag for the selected attribute. The parent Tag name will be similar to the attribute name for e.g. 'Department' 


Use Parent Tag 
Tag Prefix [ } 
Sample Tag Name - QuebecParentTag 
- IT Support Group 
Update 


Attribute - This field shows the attribute name and will be similar to the parent tag name 
e.g. Department 


Active - Select the checkbox to activate the dynamic tag for the by default selected 
attribute. 


== Attribute List for Tagging == 
€ == created 2022-04-29 03:11:21 @ ZS ooo Update V 


Attribute support group a O 


Active Y 


Create Parent Tag in the hierarchy to create the dynamic tag for the selected attribute. The parent Tag name will be similar to the attribute name for e.g. 'Department' 


Use Parent Tag 
»K Parent Tag Type Select Existing Tag v 


Æ Selected Parent Q 
Tag 
Tag Prefix 
Sample Tag Name - QuebecParentTag 
- IT Support Group 
Update 


Use Parent Tag - Select the checkbox to appear the new options on the page - It will help 
you to create a new tag or select any existing parent tag. 


Parent Tag type - Use this option to create a new tag or select any existing parent tag. 


Selected Parent Tag - Use this option to select any existing parent tag. Use the Search 
button to find and select any existing parent tag from the Asset Tag List. 


Al 


« — Attribute List for Tagging 
== Created 2022-04-29 03:11:21 


Attribute 


Active 


support_group 


Y 
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@ = ooo Update V 


Create Parent Tag in the hierarchy to create the dynamic tag for the selected attribute. The parent Tag name will be similar to the attribute name for e.g. ‘Department’ 


Use Parent Tag 
Æ Parent Tag Type 


Æ Selected Parent 
Tag 


Tag Prefix 


Sample Tag Name 


Update 


v 


Select Existing Tag 


tagg 


- QuebecParentTag 


-tagg 
- IT Support Group 


[a] © 


The Parent Tag Name will appear on the page if you select the “Create New Tag” option 
from the Parent Tag Type field. It will make it easier for you to give the appropriate name 
to your tag. 


Parent Tag Name - Use this option to provide and set the name of your parent tag. 


< E Attribute List for Tagging 
=== Created 2022-04-29 03:11:21 


Attribute 


Active 


support_group 


v 


4 = ooo Update V 


Create Parent Tag in the hierarchy to create the dynamic tag for the selected attribute. The parent Tag name will be similar to the attribute name for e.g. 'Department' 


Use Parent Tag 


>Æ Parent Tag Type 


v 


Select Existing Tag 


»K Selected Parent | tagg Q, © 
Tag 
Tag Prefix 
Tag Prefix Value 1 
Æ Tag - 
Sample Tag Name - QuebecParentTag 
-tagg 


- 11T Support Group 


Update 


Once you enable the Tag Prefix checkbox then Tag Prefix Value text-box will appear on 
the page. 


Tag Prefix - Select the checkbox and enable the tag prefix to add a prefix to your tag. 
Tag Prefix Value - Use this field to enter your tag prefix value. 

The prefix will be appended to that specific attribute tag once you enter it. 

Sample Tag Name - This text box displays the details of your attribute tag. 


Update - Click update to update your newly created parent tag attribute configuration. 
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If CI is NOT present in Qualys 


If CI configuration does not exist in the Qualys configuration environment then you will 
get only IPs from ServiceNow to Qualys. 


If Cl is NOT present in Qualys 


Æ Tracking NETBIOS v 
method 


| Only NETWORK. RANGE tags are available. | 


Assign Tag/Group Dynamic Asset Group v 


-- None -- 


For Dynamic Asset Tag Dynamic Asset Group ent}_Assets' string 


will be evaluated to app Dynamic Asset Tag 


Static Asset Group 
Static Asset Tag 


Asset Group Name 


Show available fields/columns 


Enable VM? Y 


This needs to be enabled else synced assets wont be scanned by Qualys. 


Enable PC? Y 


Tracking Method - Choose the tracking method from IP, DNS, or NETBIOS for assets when 
syncing from ServiceNow to Qualys. 


Assign Tag/Group (Optional) - We modified this functionality by adding a dropdown that 
includes Dynamic Asset Group, Dynamic Asset Tag, Static Asset Group, and Static Asset 
Tag. 


When you select Dynamic Asset Group from the dropdown, an empty text box appears, 
which you can use to create the asset group on the runtime to sync the assets or Cl with 
the Qualys. 


When you select the Dynamic Asset Tag, an empty text box appears, which you can use to 
create a dynamic asset tag on the runtime to sync the assets or CI with the Qualys. 


- To create the dynamic asset group name or tag name, a plain string and attributes name 
can be used. The attribute name can be used in format ${attribute name} e.g., 
${environment} 
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You can use the Show available fields/columns option to add the attributes from the 
target table. It is a read-only list of available attributes from the target table, where you 
can copy the available attributes and paste them into the dynamic group or tag name field 
using the format $(attribute name] 


If Cl is NOT present in Qualys 


Æ Tracking IP v 
method 


| Only NETWORK RANGE tags are available. | 


Assign Tag/Group Dynamic Asset Group Available Fields v 

asset 

For Dynamic Asset Tag/Group Name, use the following syn) asset tag "the attribute. For e.g. 'All S environment] Assets' string 

will be evaluated to apply tag name AIL Production Asset: — " 
assigned : 
assignment group 
attestation score 

AssetGroup Name | | ind 
attested by 
attested date 
attributes 
can print 
category Show available fields/columns 
cd rom i 
cd speed R / 
Enable VM? v change control bi PT d 


checked _ 
This needs to be enabled else synced assets wont be scan” checked out 


cmdb ot entity 
comments 


Enable PC? company 


- If the dynamic tag name or group name 1s already present in staging tables, 1.e., 

x qual5 itam nwapp qualys asset groups or x qual5 itam nwapp qualys asset tags - 
in that case, the Service graph connector will not initiate to create a call for another 
duplicate group or tag name. Instead, it will fetch and use the tag id or group id of the 
existing tag/group from staging tables. 


When you select Static Asset Group, an empty text box appears, which you can use to 
search and enter the existing qualys asset group. Click the Search button to select the 
qualys asset group from the list. 


When you select Static Asset Tag, an empty text box appears, which you can use to search 
and enter the existing qualys asset tag. Click the Search button to select the qualys asset 
tag from the list. 


A Static Asset Tag or Static Asset Group. The "Static Asset Tag" or "Static Asset Group” box 
will assign that tag in Qualys Cloud Platform to any assets synced from ServiceNow. 


Note: The Asset Tags that belong to only the NETWORK, RANGE type are populated. All 
other asset tags are ignored. 


We also highly recommend adding filter conditions (at minimum IP Address) to assets to 
be synced. When selecting a TABLE, ensure that the table has a column with the 
p. address" name; otherwise, the ServiceNow > Qualys sync may not function. 


VM (Vulnerability Management) is enabled by default to scan the assets you sync. We 
recommend that you do not disable this option. It is optional to enable PC (Policy 
Compliance). 


Once you configure your selections, click Submit to create the schedule. 


Note: The Meta Info fields and few other blank fields such as Last Run Timestamp are 
populated with information only after the schedule is executed. 
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Update Properties 


The Asset Sync Properties have pre-populated values. However, you can always change the 
values to suit your needs. To view the existing properties or update the values, go to 
Qualys CMDB Sync App > Configuration > Properties. 


Qualys CMDB Sync Properties 


Size of Download batch - This property defines the ‘limit’ for API calls in download type sync queue and Download processor will pick up only these many records from queue at a time to process. (?) 


Vv 


Size of Upload batch - This property defines the batch size for sync queue. Upload processor will pick up only these many records from queue at atime. (?) 


vw 


Max Transaction Lifetime (in minutes) - Stop transaction after these many minutes. (?) 


Vv 


API Timeout Setting (in milliseconds) - This property defines the API request timeout period in milliseconds.(1 minute=60000 milliseconds). (?) 


vw 


How to add data in CMDB?(if you want to use Identification Engine then you need to activate Configuration Management For Scoped Apps (com.snc.cmdb.scoped)) (?) 


lentification engine v 


Software catalog API page size - This property defines the no. of software records to pull from one API call. (2) 


Save 


Let’s take a look at how each property functions. 


vw 


Size of Download batch - Configure two properties using this setting: 


- The maximum number of assets to be fetched in a single API request call made by the 
scheduler. 


- The maximum number of records to be fetched and processed at one go from the queue 
by the download processor. 


Size of Upload batch - Maximum number of records to be picked by the upload processor 
from the queue to be uploaded to Qualys. 


Max Transaction Lifetime (in minutes) - The Qualys App has time restrictions on 
schedule run time. Although by default the time restriction 1s set to 10 minutes, you can 
change the time restriction to any time between 10 and 60 minutes. If you configure the 
schedule time to 20 minutes, the schedule 1s stopped after 20 minutes. In such a case, 
next scheduled run will resume from where the earlier run was stopped. 


API Timeout Setting (in milliseconds) - The wait time (in milliseconds) for the response to 
the API request. 


How to add data in CMDB - Choose a method to insert the data in CMDB: 


- Transform Maps. Allows you to use single or multiple attributes but only single condition 
to define which assets to add/update to the CI records. For more information, see the 
Transform Maps section. 


- Identification Engine. Allows you to use single or multiple attributes along with multiple 
conditions to define which assets to add/update to the CI records. or more information, 
see the Identification Engine section. 
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Software catalog API page size - The number of software catalog records to be fetched in 
a single API request call made by the Software Catalog Sync - Scheduled job. 


Customize Data List Columns 


We display few columns in the data lists. You can customize which columns appear and 


change the column sequence. We'll show you an example for adding the column “Updated 
by” to data lists. 


1) Click the fz icon in the main pane. The Personalize List Columns pop-up appears. 


Personalize List Columns 


Available Selected 
API Payload API URL 
Created Request time 
Created by Response time 
Number Processing Start 
Processing Notes/Message Processing Finish 
Processor GUID Status 
Schedule Sys Id > A 
Tags 
Type < y 
Updated 
Updates 

Y Wrap column text Compact rows Active row highlighting 


Y Modern cell coloring 


Y Enable list edit ^.^ Doubleclick to edit 


2) The Available list includes columns that are currently hidden. From this list, select the 


column you want to display. For example, double-click the column “Updated by” and you Il 
see 1t moved to the Selected list. 


3) Enable or disable other settings like Wrap column text, double click to edit, and so on. 


4) Click OK. 


You'll start seeing the Updated by column. If for some columns, the data is not available, 
the value in the column will be empty. 
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Syncing 


Start syncing your asset information between Qualys and ServiceNow CMDB. 


In Summary 


Sync Queue: This 1s where you'll see all jobs involved during the flow of assets between 
Qualys and ServiceNow. 


Approve Qualys Assets: This is where you'll see assets that need manual approval when 
auto-approval is not enabled. 


Failed Qualys Assets: This is where you'll see assets that failed to get transformed. 


Sync Queue 


The Sync Queue lists jobs of two types: Upload and Download. The Type column indicates 
the direction of the flow of assets. 


Download: Qualys to ServiceNow 


This shows the list of jobs run from Qualys to ServiceNow assets. The status indicates 
whether the application was able to parse the XML response successfully. The XML that 
was transferred is also available here (usually attached as response.xml). 


= Sync Queues | New | Search Type Y | Search 1 to2of2 


© AH 22529 total Sync Queues 
b foi Q = Number = API Payload = Request time = Response time = API URL = Processing Finish = Gs). = Processing Notes/Message 
» Status: Error (55) 


* Status: Success (22474) 


rm 09/14/2020 API res; e attached 
(1) SYNOO18119 Ifilter":" ""lastSeenAssetid":" 24647533... ‘Bs 09/14/2020 09:38:48  https://gateway.qg2.apps.qualys.com/am/v... 09/14/2020 09:38:58 Download — Cae 

m — 09:38:45 successfully; Resp... 

^ 09/12/2020 API response attached 
(Œ)  SvNoo14992 ["filter";""rlastSeenAssetid"-"24759790.. SIT 09/12/2020 06:54:04 https://gateway.qg2.apps.qualys.com/am/v.. 09/12/2020 06:54:07 Download AROS 

> ES 06:54:03 > successfully; Resp... 
AN 09/07/2020 API res; e attached 
(i) SYNO007997 I"filter":" ""lastSeenAssetid":" 24918366... aes 09/07/2020 05:04:53 ^ https://gateway.qg2-apps.qualys.com/am/v.. 09/07/2020 05:05:03 Download a 

= =< 05:04:53 successfully; Resp... 

> 09/04/2020 API e attached 
@  SYNo003529  {'fiter":""lastSeenAssetid"""lastM. à sg 09/04/2020 07:23:43  https://gateway.qg2.apps.qualys.com/am/v... 09/04/2020 07:24:08 Download ice œ z ty, oe 
ra 09/04/2020 API res; e attached 
(1) SYNO002701  {'filter”:"""lastSeenAssetid":"14520218. ^ 09/04/2020 00:50:29 _https://gateway.qg?.apps.qualys.com/am/v... 09/04/2020 00:50:31 Download PR 

= et 00:50:28 successfully; Resp... 
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Upload: ServiceNow to Qualys 


This is the list of assets to be synced from ServiceNow to Qualys Cloud Platform. Defining 
IP along with Asset Tag or Asset Group in Schedules will add two entries for an asset 
during upload: one for IP address and one for Asset Tag or Asset Group. 


= Sync Queues | New | Search Type Y | Search 1 to2of2 


Y AH 22529 total Sync Queues | 


b 10% Q = Number = API Payload = Request time = Response time = API URL = Processing Finish = Type v = Processing Notes/Message = Processing Start 
> Status: Error (55) 
* Status: Success (22474) 


O SYN0023196 viat -" 09/17/202001:44:05 — https://qualysapi.qg2.apps.qualys.com/ap... (empty) Upload oe AA (empty) 
G SYN0023198 rele 09/17/2020 02:04:03 ^ https:;//qualysapi.qg2-apps.qualys.com/ap.. (empty) Upload ES zs raile PC) sp d (empty) 
© SYN0019914 aa zo 09/16/2020 03:44:16 https://qualysapi.qg2-apps-qualys.com/ap... (empty) Upload ^ —— a (empty) 
O SYNO001049 "n 08/31/2020 08:24:03  https:;//qualysapi.qg2.apps.qualys.com/ap.. (empty) Upload Miete ccnl San 30 (empty) 


08:24:00 -> af... 


Approve Qualys Assets 


Assets imported from Qualys to ServiceNow will appear here for approval after successful 
processing in Sync Queue. If processing fails for any record in Sync Queue (status - Error), 
none of the host assets in that XML will be visible here. You'll need to approve each asset 
individually or one screen at a time. You will overwrite data in your CMDB when you 
approve the asset. 


Qualys Assets | New | Search Name Y | Search 1 to 20 of 15,569 


$0; zz Name A = IP Address = Qualys Asset Id = Status = Source Id = Os Lifecycle EOL Date = Asset Last Logged On User = Asset Most Frequent User = Asset UUID 
is test 17c3f91098fc 
e Not SRC-USPOD2 3fb8158e-Ocbd 
Ci) 10101040 10.10.10.40 3643574 ind quays2np60- (empty) 40d6-91ec 
T test b25c22515fb3 
Not SRC-USPOD2- 66eb2d13-3ab9- 
() 1010.10.40 10.10.10.40 8521761 <r quays2np60- (empty) 444c-b7d6- 
= test aTae5cl006dc 
Not SRC-USPOD2 69da3e12-8a3b 
Gi) 10101043 10.10.10.43 15066856 pe quays2np60- (empty) 480a-b3fc- 
dd test 2ee299f9b939 
Not SRC-USPOD2- 778fe3bc-acda- 
@ 10101043 10.10.10.43 8521762 PT quays2np60- (empty) 4589-85a2- 
PP test 2ad74d3d40c5 
Not SRC-USPOD2 1c97a162-2b7d- 
= o 
(Gi) 10101051 10.10.10.51 8521764 i cd quays2np60- (empty) 458e-83b8 
PP test e9ad3ade6192 
Not 255e79be-a9a0- 
O 10.10.22.2 10.10.22.2 229117085 SERRE SRC-200APP 04/25/2010 17:00:00 4eec-9ee3- 
ES dd94d4bcf37d 
Not SRC-USPOD2 Toc79f43-3281 
(Gi) = 10.10.24.125 10.10.24.125 803955 a quays2np60- (empty) 4025-9591 
PP test 66bab1721238 
Not SRC-USPOD2- efdd5450-5a57- 
(D) 101024127 10.10.24.127 21767381 FRE quays2np60- (empty) 4c2a-9616. 
se UU cd78848b8824 


Actions on selected rows. W 1 | to 20 of 15,569 


Save time by using auto-approval 


Enabling auto-approval of assets saves you effort and time because you won't have to 
manually approve each asset. If you enable auto-approval, none of the assets are 
displayed in the Approve Qualys Assets list. 
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Azure, Google Cloud Platform (GCP). All your cloud assets imported from Qualys to 


ServiceNow appear in Asset Details related tables for approval after successful processing 


in Sync Queue. Let us view few examples. 


AWS 


| < = Created 2020-06-04 19:47:37 


Instance ID 
Private IP Address 


Tags 


AWS | AZURE | GCP 
| 


Image ID 
Instance State 
Region Code 
Kernel ID 

Has Agent 
Private DNS 
Spot Instance 


VPCID 


| Update Delete 


i-Oacd516cad6acdb6b 
172.31.0.42 


Name:testAV, purpose:testforAV 


ami-03b5297d565ef30a6 
RUNNING 


ap-south-1 


false 
ip-172-31-0-42.ap-south-1.compute.internal 
false 


vpc-010083cf3502716fd 


AWS: Staging Cloud Metadata 


Staging Open Ports (4) Staging Network Interfaces (1) ^ Staging Volumes (4) Staging Software Instances (328) ^ Staging Cloud Metadata (1) 


SZ 
p 


£03 Q = Provider = Instance ID = Account ID 


i- 
03fb1b6444bc54b2d 993273722338 


Staging Cloud Metadata | New | Search Provider Y | Searc 


h 


Qualys Asset = ip-172-31-37-33.us-east-2.compute.internal > Provider = AWS 


= Instance State 


RUNNING 


= Availability Zone = Region Code = Instance Type 


us-east-2c us-east-2 t2.micro 


Hostname 
MAC Address 


Public IP Address 


Account ID 
Availability Zone 
Instance Type 
Region Name 
Launch Date 

Is Qualys Scanner 
Public DNS 


Subnet ID 


= Kernel ID = Region Name 


345GSGR3234 US East (Ohio) 


= Has Agent 


true 


@ I. ooo Update Delete 


13.234.32.13 


636123215182 

ap-south-la 

t2.micro 

Asia Pacific (Mumbai) 

2020-03-23 

false 
ec2-13-234-32-13.ap-south-1.compute.amazonaws.com 


subnet-0f45497735e183fdc 


T 


= Launch Date = Private DNS = Is Qualys Scanner 
ip-172-31-37- 

33.us-east- false 
2.compute.internal 


2019-05-02 false 


to lofl 


= Spot Instance 


1 tolof1 
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Microsoft Azure 
< = Created 2020-06-04 19:47:37 @ Z o Update Delete “ | 
Provider AZURE Hostname 
Instance ID MAC Address 00-22-48-00-22-38 
Private IP Address 10.0.1.11 Public IP Address 51.140.255.143 
AWS AZURE | GCP 
Virtual Machine Name TAM-Demo-VM-06 Virtual Machine ID b5cb03f1-cbcb-427f-8957-20aef4385519 
Virtual Machine Size Standard_A2_v2 Virtual Machine State RUNNING 
Virtual Machine Subnet TAM-Demo-Subnet-UKWest Subscription ID 30293558-9706-4c17-863a-016e35462650 
Image Publisher MicrosoftWindowsDesktop Image Version latest 
Image Offer Windows-10 Location ukwest 
OS Platform Windows Resource Group Name TAM-Demo-RG-EMEA 
Update Delete 


Microsoft Azure: Staging Cloud Metadata 


| Staging Open Ports (16) | Staging Network Interfaces (2) | Staging Volumes (4) | Staging Software Instances (78) Staging Cloud Metadata (1) 


= Staging Cloud Metadata M'A Search Provider y | Search 1 |tolof1 >» »» E 


Y Qualys Asset = WINHQAZIOC10 
Q = Provider = Instance ID = Account ID = Hostname = Availability Zone = Image ID = Private IP Address = Public IP Address = Virtual Machine ID = Launch Date 


b5cb03f1-cbcb-427f- 


10.0.1.11 51.140.255.143 
8957-20aef4385519 


1 tolof1 
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< = Created 2020-06-04 19:47:36 @ = ooo Update Delete 
Provider GCP Hostname demo-gcp-uel-centos-7-private.c.gcp-qualys-demo.internal 
Instance ID 2192482258772071952 MAC Address 42:01:0a:00:00:08 
Private IP Address 10.0.0.8 Public IP Address 
Tags 


ws oac 


Project ID gcp-qualys-demo Project Number 579051502736 
Machine Type custom-1-1024 Network demo-gcp-vpc-networks-us 
Zone us-east1-d State RUNNING 


Update Delete 


GCP: Staging Cloud Metadata 


| Staging Open Ports (4) | Staging Network Interfaces (1) | Staging Volumes (4) | Staging Software Instances (357) | Staging Cloud Metadata (1) 


1 tolof1 


7 Qualys Asset = demo-gcp-uel-centos-7-private 


207 a = Provider = Instance ID = Availability Zone j = Private IP Address = Public IP Address = Virtual Machine ID = Launch Date 


Falled Qualys Assets 


All of the assets imported from Qualys to ServiceNow that fail to get transformed are 
listed in the Failed Qualys Assets list. The transformation from Qualys to ServiceNow 
could fail due to criteria not being matched. For example, if you define the method to add 
data as “Identification Engine” and there is no identifier in the app. 


= r | o TE] de eu 
Y All > Transform State = Fail > CMDB table sys id is empty 
1o: a = Name 4 zz IP Address = Qualys Asset Id = Asset UUID = Status zz Source Id =} Os Lifecycle EOL Date = Hardware Lifecycle EOS Date 
20378db8-fb04-4738- Not 
0.0. 7 
O "m aes 2951-d782febba4bc Approved (empty) (empty) 
172.31.17.243 175667287 = (empty) (empty) 
© A Approved p P 
5133a00a-7b74-4c0e- Not 
.31.15. T 
@ 172.31.15.233 175667028 uU EE hee Ravel (empty) (empty) 
3584b1e4-7ccd-4f67- Not 
@ 172.31.11.180 R PRET (empty) (empty) 
e1b04c20-14f2-4369- Not 
© — — 94a3-261186c610e9 Approved (empty) (empty) 
00099438-5aaf-4200- Not 
0.1. 727 
© nar pum 8776-90c310f4a900 Approved (empty) (empty) 
Actions on selected rows... W 1 to6of6 
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Advanced Configuration 


The Advanced Configuration tells you about various pre-defined configurations and steps 
to customize them to your need. Transform Maps and Identification Engine are methods 
you can use to add data to your CMDB. 


In Summary 


App Scheduled Jobs - List of all scheduled jobs. Update or change the frequency of 
scheduled jobs as per your needs. 


Transform Maps - Use transform mapping to map source and destination fields 
dynamically. Use predefined Transform Maps. 


Identification Engine - Use this method to define the criteria using single or multiple 
attributes that uniquely identify the source assets and asset information before the assets 
get approved and are added to the CMDB system. 


Qualys Category - CI Class Mappings - Provides pre-defined class mappings to identify 
source assets. 


Application Log - All log entries related to the important activities in Qualys App. 


App Scheduled Jobs 
All of the App Scheduled Jobs are listed under Advanced > App Scheduled Jobs. 


= Scheduled Jobs | New | Search Name VY Search 1 to12of12 


Y All > Application = Qualys CMDB Sync > Class = Scheduled Script Execution 


fo a = Name A = Active = Class = Updated 
© Auto Approval Processor true Scheduled Script Execution 2020-05-10 11:56:53 
© Auto Approval Processor2 true Scheduled Script Execution 2020-05-10 11:57:02 
© Download Processor true Scheduled Script Execution 2019-06-20 05:40:48 
© Download Processor 2 true Scheduled Script Execution 2019-06-20 05:40:51 
© Download Processor 3 true Scheduled Script Execution 2019-06-20 05:40:55 
© Fetch Qualys Asset Groups Schedule true Scheduled Script Execution 2020-06-10 19:18:05 
© Fetch Qualys Asset Tags Schedule true Scheduled Script Execution 2019-06-20 05:43:34 
© Migration 1.x false Scheduled Script Execution 2020-06-10 20:39:21 
© Qualys Sync Queue Cleanup Job true Scheduled Script Execution 2019-06-20 05:43:38 
© Qualys Terminate Schedule Logs true Scheduled Script Execution 2019-06-20 05:43:42 
© Software Catalog Sync true Scheduled Script Execution 2020-12-21 01:21:47 
© Uploader true Scheduled Script Execution 2019-06-20 05:43:45 


We support the following App Scheduled Jobs. The function and frequency of execution of 
each job is described. However, you can always update or change the frequency of 
scheduled jobs as per your needs. 
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Auto Approval Processor - Checks the records to know which schedule does it belong to and 
processes it further. Only records that have auto-approval enabled are processed by the 
Auto Approval Processor. 


Download Processor - Picks the records of type Download with Queued status from sync 
queue and parses the XML. The number of records to be picked in a batch 1s defined by the 
Size of Download batch setting in Properties section. Currently, we support three 
download processors that work in parallel to fasten the process. 


Fetch Qualys Asset Groups Schedule - By default, this schedule is executed once daily. Once 
executed, it syncs all of the Asset Groups in Qualys Cloud Platform for use within the App. 
You may run this more than once a day if you generate Asset Groups 1n Qualys Cloud 
Platform frequently. 


Fetch Qualys Asset Tags Schedule - By default, this schedule is executed once daily. Once 
executed, it syncs all of the Asset Tags in Qualys Cloud Platform for use within the App. 
You may run this more than once a day if you generate Asset Tags in Qualys Cloud 
Platform frequently. 


Migration 1.x - By default, this job is deactivated. The purpose of this job is only for 
migration of approved assets that belong to Computer Extended table and need to bein 
production tables. To know more about the complete migration process, refer to Migration 
support. 


Qualys Sync Queue Cleanup Job - Clears the Sync Queue records with 'SUCCESS' status (older 
than 30 days) and records with ‘ERROR’ status (older than 60 days) on daily schedule. 


Qualys Terminate Schedule Logs - Maintains a log of the transactions that are terminated 
due to exceeding the time required to execute the transaction. 


Software Catalog Sync - This schedule fetches Software Catalog records from Qualys to 
ServiceNow. By default, this schedule is executed every 4 hours. Once executed, it syncs 
all the Software Catalog records from Qualys Cloud Platform. You may run this more than 
the default frequency (4 hours) if Software Catalog details get updated in Qualys Cloud 
Platform frequently. 


Uploader - Picks the records of type Upload with Queued status from Sync Queue and 
sends it to Qualys. 
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A transform map is a set of field maps that determine the relationships between fields in 
an import set and fields in an existing ServiceNow table. 


After creating a transform map, you can reuse it to map data from another import set to 
the same ServiceNow table. The Transform Maps module allows an administrator to 
define destinations for imported data on any ServiceNow table. Transform mapping can 
be as simple as a drag and drop operation to specify linking between source fields on an 
import set table and destination fields on any ServiceNow table. 


= Table Transform Maps EJ Search Order M | z arch | 1  tol13of13 
y All>Application=Qualys CMDB Sync 
Q = Name = Source table = Target table = Run business rules = Order A = Active = Updated 
= Qualys CMDB S os 1 rt Qualys OS Details 09/15/2020 
(i) R say. yas maig ua y m ; Qualys OS Details [x qual5 itam app qualys os details} false 100 true ss. 
= Details TM [x qual5 itam app import qualys os details) 21:55:44 
= CMDB S Soft l rt Software Inst 3 09/15/2020 
Ci) Qualys 2. -— m A rats € y Software Instance |cmdb software instance] false 100 true Tal 
+ Instance Trans... [x qual5 _itam_app_import_software_instance} 21:56:22 
à d C cC e 157 
G ) m: Import Qualys Asset [x qual5 itam app import qualys asset] Computer [cmdb ci computer] false 100 true de 
T^ CMDB S Network Import Network Interf 09/15/2020 
(Gi) Qualys CMDB Sync Network 7 yi usum ziv : Network Adapter [cmdb ci network adapter] false 100 true m 
G Interfaces Tran... x qual5 itam_app_import_network_interfaces} 21:55:23 
~ lys CMDB S Maste 1 rt Software spk; 09/15/2020 
(i) Qualys mat gr iri : E Software [cmdb_ci_spkg] false 100 true 13A 
ws Software Transfo... [x qual5 itam app import software spkg] 21:55:13 
AN Qualys CMDB Sync Hardware Import Qualys Hardware Details Additional Hardware Details 09/15/2020 
Gi) brea rms d 7 : R SR ; false 100 true 
-— Details x qual5 itam app import qualys hardware details| [x qual5 itam app additional hardware details] 21:54:53 
= lys Migration T fc 1 rt Migration C te 05/31/2020 
(i) iL c———— — de Y RARA cm Computer [cmdb ci computer] false 100 true Bar 
“= Map [x qual5 itam app import migration computer] 22:41:55 
(Y Qualys CMDB Sync Software Import Software Details Additional Software Details fal 100 tr 09/15/2020 
( ET aa alse ue 
WY Details Transf... x qual5 itam_app_import_software_details} [x qual5 itam app additional software details] 21:56:14 
- lys CMDB S Serial 1 rt Serial Numbe 09/15/2020 
Ci) Qualy. as Su T IE : i Serial Number [cmdb_serial_number] false 100 true XE 
œ Numbers TM [x qual5 itam app import serial numbers| 21:56:00 
M Qualys CMDB Sync Qualys Import Qualys Asset Details Qualys Asset Details tám 100 tro 09/15/2020 
( ER a e 
: Asset Details TM x qual5 itam app import qualys asset details| [x qual5 itam app qualys asset details] 21:55:52 


Use transform mapping to map source and destination fields dynamically. You could 
easily use the predefined Transform Maps or create one to suit your need. 


Qualys Pre-defined Transform Map 


Type of Asset Information Affected 


Qualys CMBD Sync OS Details Transform Map 


Qualys OS Details 


Qualys CMBD Sync Software Instance Transform Map 


Software Instance 


Qualys CMBD Sync Computer Transform Map 


Computer 


Qualys CMBD Sync Network Interface Transform 
Map 


Network Adapter 


Qualys CMBD Sync Master Software Transform Map 


Software 


Qualys CMBD Sync Hardware Details Transform Map 


Qualys Migration Transform Map 


Additional Hardware Details 


Computer 


Qualys CMBD Sync Software Details Transform Map 
Qualys CMBD Sync Serial Numbers Transform Map 


Additional Software Details 
Serial Number 


Qualys CMBD Sync Qualys Asset Details Transform 
Map 


Qualys Asset Details 
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Qualys Pre-defined Transform Map Type of Asset Information Affected 
Qualys CMBD Sync Open Ports Transform Map Asset Open ports 

Qualys CMBD Sync IP Address Transform Map IP Address 

Qualys CMBD Sync Volumes Transform Map File System 


Learn more 


Please refer to the ServiceNow documentation to learn more about transform maps. 


Identification Engine 


You could opt to use Identification Engine instead of Transform Maps. Similar to 
transform maps, the identification engine helps you to decide which assets should be 
added to CMDB system. You can to define the criteria using single or multiple attributes 
that uniquely identify the source assets and asset information before the assets get 
approved and are added to the CMDB system. 


Pre-requisites 


- Identification Engine uses the “Configuration Management for Scoped Apps” plugin 
which must be installed before you start using it. Please refer to the ServiceNow 
documentation for detailed installation steps. 


- Ensure that you add Qualys as Choices in the Discovery Source (column) of the 
Configuration Item (cmdb_ci table). Go to System Definition > Tables and search for 
Configuration Item table. In the table, open the Discovery Source column. Click New 
under Choices section and add Qualys as Label and Qualys as Value and click Submit. 


< | New record @ Lt auo Submit 


»k Table Configuration Item [cmdb ci| Y Sequence 
* Element discovery source Inactive 


A Language en 
Applications (Mobile) 

»k Label Qualys 
Modules (Mobile) 

»k Value Qualys 


Menu Categories 


Dependent value 


Hint 


Submit 


22 


Qualys CMDB Sync App 
Advanced Configuration 


Qualys Category - Cl Class Mappings 


We have pre-defined tables that contains set of records with matching rules. The rules are 
defined using single or multiple attributes to uniquely identify source assets. The rules 
form the criteria to identify the assets to be picked from the source and then added to 
target CI classification. 


The fields that could be mapped directly with the ServiceNow tables got listed in the 
classified tables. The custom fields that could not be directly mapped with the existing 
ServiceNow tables are listed in the related tables. 


Classified Tables 


The classified table includes the mapping of source fields with target fields that are 
recommended/used by ServiceNow. 


= Computer CI Class Mappings | New | Search Priority Y | Search 1 to17of17 


be Y All > Deprecated = false 


[307 a = Name = Active = Priority 4 = Rule = Target Cl Class 
© IBM Mainframe true 100 0s publisher-IBM^os category 2-mainframe^EQ IBM Mainframe [cmdb ci mainframe] 
© AIX Server true 100 os_name=aix^os_category_2=server^EQ AIX Server [cmdb_ci_aix_server] 
© IBM ZOS Server true 100 os_publisher=ibm^os_product_name=z/os^EQ IBM ZOS server [cmdb_ci_ibm_zos_server] 
© Alteon true 100 os_publisher=Radware^os_product_name=Alt... ^ Alteon [cmdb_ci_lb_alteon] 
© HPUX Server true 100 os_product_name=HP-UX^os_category_2=serv... HPUX Server [cmdb ci hpux server] 
© Hyper-V Server true 100 os_category=hypervisor^os_product_name=H... Hyper-V Server [cmdb_ci_hyper_v_server] 
© ESX Server true 100 0s category-hypervisor^os product name-E... ESX Server [cmdb ci esx server] 
© Windows Server true 100 os_category=windows / server^EQ Windows Server [cmdb_ci_win_server] 
© Linux Server true 100 0s category-linux / server^EQ Linux Server [cmdb ci linux server] 
© Solaris Server true 100 os_product_name=Solaris^os_category_2=se... Solaris Server [cmdb ci solaris server] 
© OS/X Server true 100 os publisher-IBM^os product nameLIKEOS/^EQ OS/X Server [cmdb ci osx server] 
©) Citrix Netscaler true 100 os publisher-IBM^os category 2-Netscaler^EQ Citrix Netscaler [cmdb_ci_lb_netscaler] 
© UNIX Server true 100 os_name=unix^os_category_2=server^EQ UNIX Server [cmdb_ci_unix_server] 
© Virtualization true 200 os_category=hypervisor^os_category_2=ser... eee zm 
Server [cmdb ci virtualization server] 
© Server true 300 0s category 2-server^EQ Server [cmdb ci server] 
© Server Hardware true 400 hardware_category_2=server^EQ Server Hardware [cmdb_ci_server_hardware] 
© Load Balancer true 400 hardware_category_2=Server Load Balancer^EQ Server [cmdb_ci_server] 


Each column of the categorized CI class mappings is listed below: 


Name: The pre-defined name given by Qualys to the CI class mapping. 
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Active: The status of the mapping indicating if the current mapping is active or not. True 
indicates mapping being active. 


Deprecated: The status of the record if it is displayed in the table or not while creating new 
rule. This is a read-only field used by application for processing purposes. 


Priority: The priority decides the sequence in which the mappings should be acted upon. In 
case of multiple mappings for similar fields, the mapping with lowest number gets higher 
priority. For example, if there are two mappings with priority 50 and 100. The mapping 
with priority 50 gets higher precedence than 100. 


Rules: The rule that forms the criteria to select the assets from the source table (Qualys). 


Table: The column used to hold reference to staging table on which rules conditions are 
being executed 


Target CI Class: The name of the destination/target table (defined by ServiceNow) on the 
production environment where the data should be inserted. If you want change 
destination table, you can change the target CI class for the corresponding source field. 


For detailed list of field mappings for classified tables, refer to the Classified Tables. 


CI Class Mapping for Custom Fields 


Let us see an example of creating custom fields mapping based on the hardware 
manufacturer for Windows server. 


Click New and the blank form to create a new record for CI class mapping is displayed. 


= Computer Cl Class Mappings ew Search | Priority * | Search 


Y All> Deprecated = false 


O. Mame = Active = Priority A = Rule 

Gi) IBM Mainframe true 100 05 publisher-IBM^as category J-mainfrar 
Gi) AIX Server true 100 05 name-=an"os_ctegory_2=server* EC 
Gi) IBM 2705 Server true 100 05 publisher-ibm^os product name-z/os' 
Gi) Alteon true 100 as publisher-Radware^os product name- 
Gi) HPUX Server true lU) aos product name-HP-UX^os category 2-s 
Gi) Hyper-V Server true 100 os category-hypervisor^os product name 
Gi) ESA Server true 100 os category-hypervisor^os product name 
(i) Windows Server true 100 os category-windows / server^EQ 


1. Provide a name for the record you want to create. For example, Windows Server Sample 
as we are creating mapping for Windows server. 


2. Select the Active check box to activate the mapping you create. If the check box is clear, 
it indicates that the current mapping will not be used for inserting data in production 
table of ServiceNow. 


3. Define the priority for the mapping. For highest precedence, use the lowest number in 
priority. 
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4. Select the Target CI Class table from the pre-populated list. The table you choose forms 
the destination table for the mapping. 


5. Define the rule that would form the criteria to choose the source assets to be picked and 
mapped. You could form a rule using single or multiple attributes and filters. 


Click Submit to complete the mapping process. 


Qualys Category - Hardware Device Cl Mappings 


Similar to Computer CI Class mappings, we have pre-defined tables that contains set of 
records with matching rules for hardware related fields. The rules are defined using two 
attributes to uniquely identify source assets. If an asset meets the attributes that match 
the attributes listed in category 1 and category 2, only then the source asset is moved to 
the target CI classification table. 


Note: The Computer CI Class Mappings has precedence over hardware devices CI 
mappings. 


For detailed mappings, see Hardware Data Mappings section. 


Related Tables for Custom Fields 


The custom fields that could not be accommodated in the classified tables are listed in 
separate tables called as related tables. 


If you are using custom table that includes custom fields (excluding pre-defined fields), 
you need to create new mappings record to match the customizations. 


Note: We do not recommend that you edit the mappings we provide in the related tables 
as it could lead to mismatch of the data and result it Identification Engine discarding the 
data. 


How to identify and view related table entries in out of the box table entries 
1. Open the CMDB Table Record Entry (cmdb_ci computer.list). 
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2. On the top grey bar, right-click and choose Configure > Related lists from the menu. 


< == dktp00660 
Name dktp00660 
Asset tag 
Manufacturer Dell Q © 
Asset Dell 790 @ 
IP Address 11.92.25.124 Create Favorite 
; Copy URL Table 
Configuration » 
Copy sys id Security Rules 
OS Domain Show XML Business Rules 
Operating System Windows Vista Client Vista(6.0) Business v] History > Client Scripts 
i Reload form 
OS Address Width (bits) — None — Y UI Policies 
Data Policies 
OS Version 6.0 
Ul Actions 
OS Service Pack w = 
DNS Domain Dictionary 
Disk space (GB) 
Description 
Related Items 
a 


4. Select the required column names from Available and then click the > (Add) button to 
Selected check box and then click Save. 


< Configuring related lists on Computer form 


Available Selected 
.NET Application->Duplicate Of A. Network Adapter->Configuration Item a 
A10 Load Balancer->Duplicate Of File System->Computer 
Accessory->Duplicate Of Software Installed 
ACE->Duplicate Of Serial Number->Configuration Item 
ACL Endpoint->Duplicate Of Qualys Asset Details->Reference Cl 
Active Directory Domain Controller->Duplica Additional Hardware Details->Reference Cl 
Active Directory Domain Controller->Provide Open Ports->Reference Cl 
Active Directory Domain to Domain Controll: OS Details->Reference Cl 
Active Directory Forest Endpoint->Duplicate A 
Active Directory Service->Duplicate Of > 
ActiveMatrix Business Works Process->Dupli ind 
ActiveMatrix Business Works->Duplicate Of < 


AD Domain->Duplicate Of 

AD Domain->Provided by 

AD Forest->Duplicate Of 

AD Forest->Provided by 

AD Service inc->Duplicate Of 

Additional Cloud Details->Reference CI 

Additional Software Details->Reference Cl Y id 


Cancel IS 


View name: Default view v 


Related Links 
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You can then view the details for the added columns in Related Links section. 


Related Links 


Subscribe 


Network Adapters (1) | Software Installed (1,374) Asset Open ports (19) | File Systems (3) | Qualys Asset Details (1) Qualys OS Details (1) Additional Hardware Details (1) 
Additional Software Details 


= Network Adapters MA Search Name Y Search 1 tolofl 


Y Configuration Item = vscent69.vuln.rdlab.qualys.com > Status != Absent 


YOR a = Name A = IP Address = Netmask = DHCP Enabled = MAC Address = Mac manufacturer 
G)  etho 10.11.70.244 255.255.255.0 false 00:50:56:AA:E8:74 (empty) 
. 1 tolofl 
Actions on selected rows... v 


Application Log 


Log entries are listed under Advanced » Application Logs. 


= roo toe L Search Created dee | 1 to200f97 b PP 
I 


S7 all »App Scope - Qualys CMDB Sync » Created » 09/17/2020 08:59:59 


0 
fo: Q = Created = Level = Message = App Scope = Source Script 
| © -" Information 2.1.1 | syncQGToSN | syncQGToSN: Running for schedule All Assets - IRE "x E Script Include: QualysAppUtil | 
O mem Information 2.1.1 | syncQGToSN | syncQGToSN: Finished — Script Include: QualysAppUtil | 
O —H Information 2.1.1 | fetchAssets | HTTP Response Code: 200 > Script Include: QualysAppUtil | 


~ nTm CMDB 

Gi) =x = < 1 , — Information 2.1.1 | approveAssets | Asset 10.115.67.182(246465327) Auto Approved using Transform Map updated in cmdb_ci_computer. = Script Include: QualysAppUtil 
mn "rf CMDB 

Gi) - = - ~ Information 2.1.1 | uploadiPsToQualys | Uploader looking for 1 QUEUED record(s). C -— Script Include: QualysAppUtil 


Logged activities include: 


- API Response. For example, when you click Test Connection and if the account does not 
have access to Global IT Asset Inventory module. 


- Schedule Lifecycle (Start, Run, and Finish) 

- Lifecycle of Download Processor and Upload Processor (Start, Run, and Finish) 
- Transform Type being used (Transform Map or Identification Engine) 

- Asset Approval type (Manual or Auto Approval) 

- Fetching Asset Tags and Asset Groups 
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View Reports 


Go to Qualys CMDB Sync App > Overview. The Overview page displays a consolidated view 
of all the reports. If you view this page before syncing the assets, it may display all values 
as Zero. 


Note: From version 1.0 onwards, the Reports option 1s merged in the Overview option. 
Thus, you will no longer see the Reports option in the menu. 


SErVICENOW service Management [5] John Doe + Q CV (2) | 
| 
Filter navigator 203 © 
* © Qualys Overview Change Layout 
Synced Qualys Assets Approved Qualys Assets Pending Qualys Assets Failed Qualys Assets 
Guided Setup 
E 19,963 3,1953 14,809 18 
Interaction 
Asset Categories OS Distribution EOL Operating Systems 


Now Mobile App 


ul " 


Asset Count 
3 


Asset Count 


Now Mobile App 


pmg 


Now Mobile App 


pmg 


EET So e am ea 
M Linux < 1,801 (34.94%) f y oo “Se POS OS CSS 
, sé 
Now Mobile App B Windows = 1,688 (32.75%) CS S » SS oS S E $ e 
es eS D Unidentified = 1 245 (74.16%) "y OS OESOTO SÓ $ ef 
pmg d ev SES ar aram ao ES 
Now Mobile App 
Application Categories Application Publishers Database Distribution 
pmg 
125 
Now Mobile App 
100 
pmg 
Now Mobile App t 
8 € 75 
Now Mobile App S 5 
= 500 = 
5 
pmg d Z 
& 50 
Qualys CMDB Sync | 
eee EN. .. 
p RRR x LOS Ss " í E m 
LÉ ES E " P S Pos Microsoft = 856 (22.99%) 
Properties ee oie ^ PE Ce A ie M Oracle = 370 (9.94%) SEF EES E P ^ d 
ve x NS ce D Mozilla = 212 (5 699%) oF Sy ESE P KI 
x P > A > qe VS G. > 
API Sou + S 17V E 
rces 


Note: From v2.3.0 onwards all these widgets - Application Categories, Application 
Publishers, Database Distributors will get updated from the Additional software details 
table when software catalog sync for CMDB is enabled. 


When the Overview page is launched for the first time, you see a list of 10 default reports. 
However, the reports can be customized based on your preference. For more information, 
see, Customize Overview Page. 
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Types of reports that you can configure: 


Report Name 


Qualys Assets Reports 


Description 


Approved Qualys Assets 


The Approved Qualys Assets report lists the assets auto/manually 
approved. This number is listed on the production table. 


Asset Categories 


The Asset Categories report gives a clear picture of the various types 
of assets across your organization. The chart is a diagrammatic 
representation of the asset categories. Click the bar to view additional 
details about the respective asset category. 


End of Life Operating 
systems 


Failed Qualys Assets 


The End of Life (EOL) Operating Systems report gives a clear picture of 
the various types of operating systems with the end of life across your 
organization. The chart is a diagrammatic representation of the 
operating systems. Click the bar to view additional details about the 
respective operating system. 


The Failed Qualys Assets lists the number of assets that are not 
transformed into the CMDB table. 


Hardware Manufacturers 


The Hardware Manufacturers report gives a clear picture of the 
varlous manufacturers of hardware across your organization. The 
chart is a diagrammatic representation of the hardware 
manufacturers. Click the slice to view additional details about the 
respective manufacturer. 


OS Distribution 


The OS Distribution report gives a clear picture of the operating 
systems installed on the assets across your organization. The chart 1s 
a diagrammatic representation of the operating systems. Click the 
slice to view additional details about the respective operative system. 


Pending Qualys Assets 


Synced Qualys Assets 


The Pending Qualys Assets report lists the assets which are not 
approved. 


The Synced Qualys Assets report lists the assets synced from Qualys 
to ServiceNow. 


Software Report 


Application Categories 


Application Publishers 


The Application Categories report gives a clear picture of the various 
types of applications installed on the assets across your organization. 
The chart is a diagrammatic representation of the various 
applications. Click the bar to view additional details about the 
respective application category. 


The Application Publishers report gives a clear picture of the various 
publishers of the application installed on assets across your 
organization. The chart is a diagrammatic representation of the 
publishers. Click the bar to view additional details about the 
respective publisher. 


Database Distribution 


The Database Distribution report gives a clear picture of the various 
types of the database used across your organization. The chart is a 
diagrammatic representation of the database distribution. Click the 
bar to view additional details about the respective database type. 
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Description 


The End of Life (EOL) Application report gives a clear picture of the 
various types of applications with end of life across your organization. 
The chart is a diagrammatic representation of the Application. Click 
the bar to view additional details about the respective operating 
system. 


Software Distribution 


The Software Distribution report gives a clear picture of the various 
types of software used across your organization. The chartis a 
diagrammatic representation of the software distribution. Click the 
bar to view additional details about the respective database type. 


Software Lifecycle Stage 


The Software Lifecycle Stage report lists the lifecycle stages of 
applications. Example: GA, EOL/EOS. 
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Customize Overview Page 


You can add or remove the reports from the Overview page. 


Add a Report 


Click on Add content, the Add content pop-up appears. Select one of the following options 
to add reports: 


-To add Qualys Assets reports: Select Reports from the first column, Qualys Assets from the 
second column and in the third column, select the required report from the displayed list. 


Add content 


a Ogqualys a 
<Favorites> Qualys Asset Tags Approved Qualys Assets 
Asset Categories 
Performance Analytics Assets awaiting approval 
Interactive Filters EOL Operating Systems 
Content Blocks Failed Qualys Assets 
Gadgets Hardware Manufacturers 
CMDB Group Widgets OS Distribution 
CMDB Service Widgets Pending Qualys Assets 
CMDB Widgets Synced Qualys Assets 
Financial Management bé 
Asset Categories = 
30k 
25k 
20k 
= 
8 
15k 
œ 5| 
o 
a 
= 
10k m 
Add here Add here Add here Add here 
Add here Add here Add here 
Add here Add here Add here 


-To add Software reports: Select Reports from the first column, Staging Master Software 
from the second column and in the third column, select the required report from the 
displayed list. 


Add content 


a OStaging a 

<Favorites> Application Categories 

Reports Application Publishers 

Performance Analytics Database Distribution 

Interactive Filters EOL Applications 

Content Blocks 
Gadgets Software Lifecycle Stage 


CMDB Group Widgets 

CMDB Service Widgets 

CMDB Widgets 

Financial Management m 


Software Distribution 


2750 
2500 
2250 
2000 
1750 - 
Add here Add here Add here Add here 
Add here | Add here | Add here 
Add here | Add here | Add here 


Once you select the required report, click one of the Add here options. The 10 Add here 
options indicate different locations where you can add the report on the Overview page. 
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Remove a Report 


To remove a report from the overview page, click on the close + option. Once you delete 
the report, you cannot undo the process. To add the same report again, see Add a Report. 


OS Distribution 


BE Linux = 42,294 (63.48%) DM Mac = 19,619 (29.45%) 
73 Unix = 4,337 (6.51%) M windows = 286 (0.43%) 
B Unknown = 91 (0.14%) B Unidentified = 1 (0%) 


Refresh Overview page 


To refresh all the reports on the Overview page at a fixed interval, click on the Homepage 
Settings € icon and select the required Refresh interval. 


Create Dashboard Version 


Refresh interval 
e Off 
5 minutes 
15 minutes 
30 minutes 


1 hour 


Delete page 
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Debugging and Troubleshooting 


Here are scenarios that will help you debug certain common issues. 


How to debug 
In case of any unexpected application behavior one should check the application logs. 
The application log has four different levels of logging: Information, Error, Warning, Debug 


The application writes log entries after important transitions. For example, Schedule run, 
on click of test connection to API Server [Qualys CMDB Sync App > Advanced > 
Application Log] 


Observed Issues 
Scenario: Sometimes clicking on 'Test Connection” gives ‘error’ response to user. 
Workaround: Check the error message. 


- Try to repeat the ‘Test Connection’ a couple more times (if all input parameters are 
correct then ‘success’ message will be displayed) 


- One can get the error message under Schedule Logs’ for related entries in schedule 
record 


- If no valid error is displayed (i.e. you are sure that the credentials are correct but API 
reported “unauthorized’), try again after some time. If error persists, contact Qualys 
Support 


Scenario: When Download processor takes too much time to process 
Workaround: Go to Properties and lower the Size of Download batch. 


Scenario: Download Processor failed to process Sync Queue record(s) Workaround: This 
may leave the corresponding Sync Queue entry in ‘Error’ state and the error details can be 
verified from ‘Processing Notes/Message’ 


User should manually change the status back to 
- ‘Queued’, and reset the Processor GUID if the user wants to process that response again. 


If you reprocess any response, it will not lead to duplicate data, as application checks whether 
the record already exists in staging tables before inserting. 


- Error’, if the user does not want to process it again. 


Scenario: Failed to approve asset using Identification Engine/Invalid Update 
This error is displayed when the application finds some error with Identification and 
Reconciliation APIs. 
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To verify the issue, you can to navigate to Failed Qualys Assets > Open the asset record 
and see the Notes section. This section contains the detailed error response, as received 
from Identification and Reconciliation API. 


Scenario: Sometimes it is observed that ‘approving’ manually multiple assets gives 
‘Transaction Timeout’ by ServiceNow 


Workaround: 
- In such case there 1s no data loss observed in asset transformation 


- To overcome transaction timeout error, it is recommended to use ‘Auto Approval’ in 
schedule 


Scenario: Duplicate entries found in cmdb_ci_computer for assets which were synced 
from ServiceNow to Qualys, scanned and then synced back from Qualys to ServiceNow 


Workaround: 
- If the user has added only IP address for the asset in the cmdb, ci computer table 
Reason: Name is a mandatory parameter for ServiceNow IRE mechanism. 


- If user added both name (any dummy name) and IP Address for the asset in 
cmdàb. ci, computer table 


Reason: After scanning the asset, the name discovered during the authenticated / 
unauthenticated scan and the dummy name that was provided could be different. 


Note: There would be no duplicate entry in cmdádb. ci computer if the name is exactly 
same for the asset before sending the data from ServiceNow to SericeNow 


Identification Engine Issues 


Scenario: When an asset transformation using identification engine is failing with an 
error IDENTIFICATION RULE MISSING 


Ideally, you should get either of the following two errors in IRE notes. 
IDENTIFICATION RULE MISSING 
- In this error, you need to add an identification rule for the target class in question. 


- Adding an identification rule will be your responsibility as it is outside the CMDB sync 
app scope. 
Sample IRE notes containing the following error: 
{ 
"error": "IDENTIFICATION RULE MISSING", 
"message": "Identity Rule Missing for table 


[omdb ca. ip- phone” 
} 
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IDENTIFICATION RULE FOR RELATED ITEM MISSING 


- This error will be logged in IRE notes if the identification rule is present, but related 
entries for the target class in question are not present in the cmdáb related, entry table. 


Also, it can be fixed by adding respective entries manually in the cmdáb related, entry 
table for the identifier table, e.g., IP phone (cmdb. ci ip. phone). It is user configurable. 


Sample IRE notes containing the following error: 


{ 
EE “DENT LE LCATLON. RULE. FOR. RELATED: ITEM MESSINS”> 


"message" “Identity Rule for table Tondho: CT ip- phone] 
missing Related Rule for class 
[x «qua lL5- itam app qualys.asset details]" 
by 
Scenario: When Identifier is missing in table cmdb_identifier 


- Related entry for any of the target class added from the CMDB sync app does not reflect 
in the ‘cmdb_related_entry’ table if the respective identifier is missing in table 
cmdb_identifier. 


- The CMDB sync app can't create this identifier because it is outside of its scope. 
In this case, 


- Asset approval will fail with an error - 
IDENTIFICATION_RULE_FOR_RELATED_ITEM_MISSING 


- If you check-in - My company applications > installed CMDB sync app > installed Files - 
> filter all the installed files by the class name ‘Related Entry. 


- Here, you will notice the ‘Identifier’ field will be empty for some of the entries. 


But this 1s again configuration dependency beyond the CMDB sync app scope, and you 
can fix it by using the steps in the below example: 
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1. Navigate to My company applications > installed CMDB sync app > installed Files -> 
filter all the installed files by the class name ‘Related Entry. Refer to the screenshot below 


— Identifier Ka 
<= cmdb_ci_ip_phone 9 E 


o This record is in the Global application, but Qualys CMDB Sync is the current application. To edit this record click here. 


Name possesses] Application Global 


Active v 
Applies to IP Phone [cmdb ci ip phone] 
Description 
Independent v 
Identifier Entries (1) " Related Entries (4) | 
= Related Entries Search | Priority v | Search 1 to4of4 E 
7 Identifier =cmdb_ci_ip_phone 
207 a = Active = Related table = Referenced field = Criterion attributes = Allow null attribute = Optional condition = Priority A 
O true Qualys Asset Details [x_qual5_itam_app_qualys_asset_details] reference_ci asset uuid,qualys asset id true 100 
O true Qualys OS Details [x_qual5_itam_app_qualys_os_details] reference_ci os_name true 100 
O true Additional Hardware Details [x qual5 itam app additional hardware details] — reference ci hardware full name true 100 
O true Asset Open ports [x_qual5_itam_app_open_ports] ci_sys_id port,protocol true 100 


2. Here, open one of the four empty entries created for the IP Phone class. 


3. Update the ‘Identifier field with 'cmdb ci ip phone 


— -— 
< =} Related Entry 4 ^ ZE ooo Update ^ Delete 
>K Relatedtable Qualys Asset Details v Active Y 
Æ Referenced field Reference CI v Allow null attribute VW 
Priority 100 


Æ Criterion attributes &_ Asset UUID, Qualys Asset Id 
Optional condition AddFilter Condition Add "OR" Clause 


-- choose field -- Y -- oper -- -- value -- 


Update Delete 


4. Repeat the same steps for the rest of the three entries as well. 


Missing Dependency | File system 


This is due to the fact that the Storage Volume class (parent of the file system class) 
required a ‘Containedby: Contains’ dependent relationship with the hardware class. 


Also, this is a configurational issue that can be resolved by updating the dependent 
relationship of the Storage Volume class. 


It should already contain the Containedby: contains relation with Computer class. Hence 
you can either update the existing dependent relation of the computer class by replacing 
the computer class with the hardware class. Refer to the following screenshot. 
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CI Class Manager 


Te Hierarchy | Configuration Item > Bamse, % Add Child Class 


8 Storage Volume Dependent Relationships 
Class Info ^ : P 
Dependent Relationships 9v |I a, search ci classes 
Basic Info Create dependent relationship rules (hosting and containment rules) to 
help identify dependent Cis. Reset to derived 
Attributes 
Identification Rule (e p e 
v oe cuer 
MN I = e ES m 


Reconciliation Rules l 


Suggested Relationships "M 
All Relationship Rules | | 
Health Vv 
Hosted on Managed by 
CI List 


CI Class Manager 


Ta Hierarchy | Configuration Item > Storage Volume 2 Add Child Class 


e Storage Volume Dependent Relationships 
Class Info ^ . " 
Dependent Relationships Y v | Q Search CI Classes 
Basic Info Create dependent relationship rules (hosting and containment rules) to 
help identify dependent CIs. Reset to derived 
Attributes 
Identification Rule «e» conan Owns 


i 
I 
i 


Reconciliation Rules ccl 


Suggested Relationships si — 
All Relationship Rules | | 
Health Vv 
Hosted on Managed by 
CI List 


You can create additional dependent Containedby: contains relation with hardware 
class. 


CI Class Manager 


Te Hierarchy | Configuration Item > Storage Volume € Add Child Class 


= Storage Volume Dependent Relationships 
Class Info ^ z : 
Dependent Relationships F lf o. Search Ci Classes 
Basic Info Create dependent relationship rules (hosting and containment rules) to 
help identify dependent Cis. Reset to derived 
Attributes 
Identification Rule <e> Contains 


Computer "- 
AL 


(o? Storage Cluster 


I+ <@> 


Reconciliation Rules LO) tamus 


Suggested Relationships 
All Relationship Rules 
e Storage Volume 
Health Vv 
CI List { 


Hosted on Managed by 


{op Logical Datacenter god Rubrik Cluster 
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Scenario: When an asset belongs to hardware and its child class (except for the 
computer and its child classes) and contains volume information approved using the 
identification engine, approval fails with the 'MISSING DEPENDENCY' error pointing 
cmdb_ci_file system class is logged in IRE notes. 


vexror’:. “MISSING: DEPENDENCY» 
"message": "In payload no relations defined for dependent class 
[cmdb ci file system] that matches any containment/hosting rules: 
[ocmdb oi storage volume. >> Managed by >> 
comdb-ci TUBELK cluster; emadb. El storage volume 2 Contained by == 
cmdb ci computer,cmdb ci storage volume >> Owned by >> 
emab cri storage cluster,cnmdb or storage volume >> Hosted om o 
GNdD cr. Logical. datacenter). Add ‘appropriate relatrons an payload Tor 
"Ix"classsName | iy"omab o3 file systemi"; y values": 


EV Size Bytes 5X 793099991 ", 5 "duscoverv source wv ev QUAlySsx v names NT 
NA provided byX"U:X"3a2402ac1b3285106268606579b04bcbl0N" ,N"free space byte 
BNET IZ Tou 
(A internal dV": V" fe690rfl4f7038910252C€174tf3b9f02a3V", A "Sys object source 
nro: source nane sou VENTES VY Settings. "2419 SyS ire mr Osa 
ire received Time \" sy" 2022-04-20 20229 744i" VALS play valuesv":[))"" 

a 


MISSING_MATCHING_ATTRIBUTE 


When the Target class has an identification entry with a specific attribute missing in the 
payload. 


Scenario: When the asset approval fails due to an IRE with an error MISSING 
MATCHING ATTRIBUTE. 


Workaround: We have given the following workaround for asset approval fails due to an 
IRE with an error missing matching attribute. 


- Navigate to CI Class Manager. 

- Browse the specific target class throwing an error. 
- Navigate to ‘Identification Rule’ Section. 

- Go to sub-section Identifier entries’. 


- Add an additional entry for the target class with, 


ont 
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- Select option Use attribute from main table 'target_class_name’. 
New Identifier Entry x 


An identifier entry uses criterion attributes to uniquely identify this class. Which table 
would you like to choose attributes from? 


© Use attributes from main table 'Load Balancer’ 
( ) Use attributes from another table (Lookup table) 


( ) Use attributes from main and another table (Hybrid) 


- Provide input as, 

Search On Table - target class 
Priority - 100 

Attribute - Name 

Active - True 


Re-approve the asset again after adding this entry. 


Anticipated Issues 


It 1s quite frequent to have error in opening/viewing attached response.xml' from sync 
queue records. Those response.xmls are considered as incomplete. 


List of expected failure modes 

- Qualys API server is undergoing maintenance/downtime 
- Qualys subscription expired 

- User credentials used are incorrect 


- User credentials are correct, but user has no Qualys App subscription from Qualys 


Common Questions 
Do you currently support the Identification and Reconciliation API for CMDB CRUD 
actions? 


Yes, Qualys App supports Identification and Reconciliation APIs. The goal of this API is to 
maintain the integrity of the database, and to correctly identify CIs so that new records 
are created only if CI is truly new to CMDB. See CMDB Identification and Reconciliation 
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You can change how to add data in CMDB from default Transform Map to Identification 
Engine from Properties page. You also need to create CI Identifier Rule for Target table. 


Can user add data to ServiceNow app from different Qualys servers? 


Yes, user can add asset data from different Qualys PODs. User needs to create different 
API Sources and Schedules as per Qualys servers. 


What are Upload and Download type records in Queue? 


It can be easily differentiated by Type field available in the table. For Downloading data to 
ServiceNow app (1.e syncing assets from Qualys to ServiceNow) Type will be Download. For 
Uploading data to Qualys (Syncing assets from ServiceNow to Qualys servers) Type will be 
Upload. 


Where can | find Assets which failed to transform in ServiceNow table? 
You ll find these assets in Failed Qualys Assets. Users can then approve these assets again. 


Why do | view timestamps in GMT for schedules despite configuring a different 
timezone? 


In the schedule scripts, we use ServiceNow's new 
GlideDateTime().getDisplayValueInternal(); function to update the schedule 
last_run_timestamp. When this object is directly instantiated and used (e.g. in scoped 
application background script), it returns time in GMT, irrespective of the timezone 
configured for user under whom this script runs. That's how it is designed. 


Also, since ServiceNow does not allow scoped applications to set the timezone, the app 
cannot do that on behalf of the user who created the schedule. However, the time value 
you see on the UI is shown in the user set timezone - even if you set GMT date-time in this 
column. When the schedule runs next time, it fetches value in GMT, and not the one you 
see on UI. That may lead to confusion, and log entnes show time in GMT, for this reason 
we recommend that the ServiceNow user sets their time to GMT. 


The Schedules | defined pulled the data accurately till yesterday. But, today, the same 
schedule is unable to fetch any assets or related data. 


Check your application logs. The reason the schedules are unable to fetch assets 1s 
because either your trial period or your subscription has expired. Contact your TAM to 
extend your subscription. Once you have an active subscription, you need to activate your 
API Source and the schedules will fetch the assets. 


If an asset is purged from Qualys, what will its status be in ServiceNow CMDB? 


The asset purged from Qualys will not automatically be purged in ServiceNow CMDB. The 
asset must be manually purged from ServiceNow. 


What is the difference between Computer CI Class Mapping and Qualys Category 
Hardware Device CI Mappings? 


The Computer CI Class Mapping is the main base table and contains the hierarchy for 
assets and tables. It also has higher priority In comparison to Qualys Category Hardware 
Device CI Mappings. As a result, assets to be transferred to destination tables are checked 


53 


Qualys CMDB Sync App 
Debugging and Troubleshooting 


against rules in Computer CI Class Mapping first. Only if they do not satisfy/meet any of 
the rules in Computer CI Class Mapping, the Qualys Category Hardware Device CI 
Mappings are used. 


Backward Compatibility Issues and Observations 


The Qualys CMDB Sync App 2.1.1 does not support backward compatibility. As a result, 
you may notice few scenarios that you may have not encountered earlier. We are 
highlighting some of the common scenarios that you may come across. 


Application Log 


After you upgrade 2.1.1 version, when the transformation mode set to "Iransform Map 
and if you have assets in the staging area, on approval of such assets, the assets are 
transformed to the correct CI Classes. But, the application log may not reflect this 
correctly. 


For example: Asset abcd (AssetID) Manually Approved using Transform Map updated in 
x qual5 itam, app computers extended. 


Although the asset has been correctly transformed to the CI Class, the application log 
incorrectly states name of computer extended table instead of the CI class name where 
the asset has been correctly moved. 


Resolution: Ignore the application log in such cases. 


Custom Transform Map Fails to Work 


The latest version of the app is designed to move assets to the out of box tables provided 
by ServiceNow. As a result, the custom transform maps that were created in previous 
version will not work in version 2.1. However, the custom transform map that you create 
in 2.1 version will work fine. 


Cause: The Import Set Row Tables have changed. 


Resolution: Refrain usage of custom transform maps that were created in previous 
versions. If you need to use custom transform maps, you need to rewrite or create new 
transform map as per the new set of import set row tables. 


Sync Queue is blank for Approved Assets 


The Queue ID' is displayed empty in ‘Approve Qualys Assets for the approved Qualys 
assets. However, the clicking 'Preview' (on the 11 icon) displays the correct the sync queue 
details. 


Table structure has changed...updated fields 
Resolution: Ignore Queue ID field and instead view the preview to verify the information. 


Number Mismatch Between Staging and Production Tables: Software 


Scenario: When transformation method 1s IRE, 100 assets in staging area, only 98 are 
moved to production after upgrade. 


Causes for discrepancy: 
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- IRE version needs name and version of the data being transformed. Name being 
mandatory parameter for transformation. If name 1s missing for asset, then the asset may 
not get approved and instead get failed. Such entries are listed in the application log. 


For example, if a software has no Name/Version: The software without a name doesn't 
make any sense, The Software (OOB table) uses a key attribute consisting of name and 
version. Thus, empty names causes assets to fail. 


- If there are multiple records with same name. Assets get approved, on production class, 
not all will be added as separate records. The first asset which is approved gets added as a 
separate record. All the other assets with same name get approved, but the IRE version 
creates multiple records or skips records. 


For example, software have same name and version number in staging area. In such case, 
duplicate entries may be created. Check application log. Skipping duplicate entry. 


Number Mismatch Between Staging and Production Tables: Assets 


Assets with Same Name: When transformation method is IRE, 100 assets in staging area, 
only 98 are moved to production after upgrade. If there are multiple assets with same 
name. Assets get approved, on production class, not all will be added as separate records. 
The first asset which 1s approved gets added as a separate record. All the other assets with 
same name get approved, but the IRE version updates the same record.However, the same 
record may contain multiple values for same fields. 


Discrepancy is observed in following scenarios: 
- Assets discrepancy could be there in the production table if the assets have same names 
- If serial number is missing and assets have same name, 


Cause: IRE version uses name to identify the CI class. Name being mandatory parameter 
for transformation. 


Field name missing in production tables 


If you notice few fields that exist on Qualys UI or API response, but cannot locate it in 
ServiceNow out of box (OOB) tables. 


Cause: Mapping for such fields may not exist. For complete list of mappings, refer to Field 
Mapping for Tables. If field mappings does not exist in the OOB tables, then such fields are 
not transformed to production tables. 


For example, the ‘hostname’ for network adapter exists in staging table but missing from 
production table (cmdb ci network adapter). 


Cause: The cmdb ci network adapter table does not have mapping for the hostname 
field. Hence the field value is not available in the production table. 


Truncated Value 


If the field value exceeds the field limit then the value may get truncated. The application 
does not update any of the OOB table structures: like field value lengths. 
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Asset Sync Properties Retained 


The Asset Sync Properties are retained after the upgrade to 2.1. If the set default 
transform mode is Identification Engine, the same properties are available after 
application upgrade. However, if you install the app (and not upgrade from a previous 
version), the default transform mode is set to Identification Engine. 


Recommendations 
We recommend following tips for better and smooth data migration. 


Partial data migration observed while switching transformation mode 


We recommend to not switch the transformation mode when the data migration Is in 
process. The change in transformation mode will not reflect during migration. 


Transformation mode IRE 


Configuring transformation mode as IRE is recommended as usage of Transform Maps can 
cause higher time for approval of assets. 
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Field Mapping for Tables 


This chapter lists the detailed field mapping (source to target) for classified as well as 


related tables. 


Classified Tables 


The classified table includes the mapping of source fields with target fields that are 


recommended/used by ServiceNow 


Asset Data Model 
Computer (SN Table) 


Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


manufacturer manufacturer 
memory ram 
bios_asset_tag asset_tag 
os_full name OS 


os_update 


os_service_pack 


os_architecture 


os address width 


model model id 
OS version OS version 
name name 
processor cpu, counts cpu, count 


processor description 


cpu name, cpu, manufacturer 


ip address 


ip address 


iprocessor speed 


processor speed 


Serial Number (SN Table) 


Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


bios serial number 


serial number 


hardware serial number 


serial number 


«additional field» 


serial number type 


File System (SN Table) 


Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


name 


name 


al 


free size 
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free_space_bytes 


total_size 


size_bytes 


Network Adapter (SN Table) 


Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


netbios name 


name 


interface name 


name 


mac address 


mac address 


IP Address (SN Table) 


Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


ip address 


ip address 


ip address 


name 


Software Data Model 
Master Software (SN Table) 


Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


name name 
version version 
<additional field> key 


Software Instance (SN Table) 


Qualys Staging Table Attributes 


ServiceNow Production Table Attributes 


name 


name 


install_date 


install_date 


<additional field> 


<additional field> 


«Reference to cmdb_ci_package> 


Reference to the CI the software is installed on 
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The related tables list the custom field mappings that could not be accommodated in the 
classified tables. We recommend that you do not alter the mappings in the related tables. 


Asset Data Model 
Qualys Asset details 


Qualys Related Table Attributes 


ServiceNow Production Table Attributes 


asset_lastloggedonuser 


asset_lastloggedonuser 


asset_mostfrequentuser 


asset_mostfrequentuser 


asset_id 


qualys_asset_id 


asset uuid 


bios description 


asset uuid 


bios description 


last boot 


last modified date 


last boot 


last modified. date 


timezone 


qweb host id 


timezone 


qweb. host. id 


netbios name 


Qualys Operating System details 


Qualys Related Table Attributes 
os category 


netbios name 


ServiceNow Production Table Attributes 


OS category 


os category 1 
os category 2 


os category 1 
os category 2 


os category type 


os category type 


OS edition 


OS edition 


os lifecycle confidence 


os lifecycle confidence 


os lifecycle eol date 


os lifecycle eol date 


os lifecycle eol support stage 


os lifecycle eos, date 


os lifecycle eol support stage 


os lifecycle eos, date 


os lifecycle eos support stage 


os lifecycle eos support stage 


os lifecycle ga 


os lifecycle ga 


os lifecycle stage 


os lifecycle stage 


os market version 


os market version 


os_name 


os_name 


os_product_name 


os_product_name 


os_publisher 


os_publisher 
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ServiceNow Production Table Attributes 


hardware_category 


hardware_category 


hardware_category_1 


hardware_category_1 


hardware_category_2 


hardware_category_2 


hardware_category_type 


hardware_category_type 


hardware_lifecycle_confidence 


hardware_lifecycle_confidence 


hardware_lifecycle_eos_date 


hardware_lifecycle_eos_date 


hardware_lifecycle_ga 


hardware_lifecycle_ga 


hardware_lifecycle_intro_date 


hardware_lifecycle_intro_date 


hardware_lifecycle_obsolete_date 


hardware_lifecycle_obsolete_date 


hardware_lifecycle_stage 


hardware_lifecycle_stage 


hardware_product 


hardware_product 


hardware full name 


hardware full name 


Qualys Open Ports details 


Qualys Related Table Attributes 


ServiceNow Production Table Attributes 


description 


description 


detected. service 


detected service 


port 


port 


protocol 


protocol 


Qualys Processors details 


Qualys Related Table Attributes 


ServiceNow Production Table Attributes 


processor cpu counts 


processor cpu counts 


processor description 


processor description 


processor. speed 


processor. speed 
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Software Data Model 
Qualys Software details 


Qualys Related Table Attributes ServiceNow Production Table Attributes 
architecture architecture 

category category 

category_1 category_1 

category_2 category_2 

category_type category_type 

component component 

edition edition 

ls 1gnored is 1gnored 

ls 1gnored, reason ls 1gnored reason 

language language 

license category license category 

type type 

update update 

lifecycle ga lifecycle ga 

lifecycle stage lifecycle stage 

market version market version 

product product 

publisher publisher 

software hfecycle confidence software hfecycle confidence 
software lifecycle eol support stage software lifecycle eol support stage 
software lifecycle eos date software hfecycle eos date 

software lifecycle eos support stage software lifecycle eos support stage 
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The details of the hardware-data mappings are listed in the table below. 


Note: ServiceNow has soft-deprecated the following classes for Qubec version: 


- Human Machine Interface |cmdb, ci hmi| 


- Manufacturing Device [cmdb_ci manufacturing] 


- Programmable Logic Controller [cmdb. ci pic] 


For more information on alternative solutions, see ServiceNow notification. 


Category1 Category2 Target CI Class Active 
Printers Laser cmáb ci printer true 
Communication IP Phones cmdb_ci_ hardware true 
Devices 
Virtualized Container cmdb ci computer true 
Computers Point of Sale (POS) cmdáb. ci pos true 

Terminal 
Networking Device Wireless Access Point cmdb c wap network true 
Power Conditioning Power Distribution Unit cmáb ci pdu true 
Equipment (PDU) 
Wearable Devices Smart Glasses cmdb_ci_wearable true 
Printers Line Matrix Printers cmdb_ci_printer true 
Networking Device Unidentified cmdb_ci_netgear true 
Input Devices RFID Device cmdb_ci_iot true 
Mobile Smartphone cmdb_ci_hardware true 
Computers Mainframe cmdb_ci mainframe ha true 
rdware 
Building Automation Smart Appliance cmdb_ci_iot true 
Devices 
Power Conditioning Uninterruptible Power cmdb ci ups true 
Equipment Supply (UPS) 
Industrial Industrial Ethernet cmáb. c ip. switch true 
Networking Switch 
Industrial Control Intelligent Electronic cmdb ci manufacturing true 
System (ICS) Device (IED) 
Networking Device Concentrators, Hubs, cmdb ci hub network true 
and Multiplexers 
Building Automation BACnet Controller cmdb_ci_iot true 
Devices 
Building Automation HVAC Control cmdb_ci_iot true 
Devices 
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Computers Assembled cmdb_ci_computer true 

Audio and Visual Portable Media Player cmdb_ci_media_player true 

Equipment 

Communication Conferencing cmdb ci hardware true 

Devices Equipment 

Industrial Control Distributed Control cmdb ci manufacturing true 

System (ICS) System (DCS) 

Audio and Visual Smart TV cmdb_ci_stv true 

Equipment 

Industrial Control Human Machine cmdb_ci_hmi true 

System (ICS) Interface (HMI) 

Wearable Devices Health and Activity cmdb_ci_wearable true 
Monitor 

Field Instruments Sensor emdD..C1-10t true 

Network Security Firewall Device cmdb_ci_firewall_device true 

Device 

Wearable Devices Smart Footwear cmdb_ci_wearable true 

Building Automation Security Camera cmdb_ci_security true 

Devices 

Networking Device Bridges and Routers cmdb_ci_ip_router true 

Industrial Control Remote Terminal Unit cmdb_ci_manufacturing true 

System (ICS) (RTU) 

Networking Device Other cmdb_ci_netgear true 

Audio and Visual Media Streaming Device cmdb_ci_media_player true 

Equipment 

Building Automation Other cmdb_ci_hardware true 

Devices 

Communication Other cmdb_ci_hardware true 

Devices 

Computers Notebook cmdb_ci_pc_hardware true 

Wearable Devices Smart Apparel cmdb_ci_wearable true 

Industrial Control Industrial PC cmdb_ci_computer true 

System (ICS) 

Printers Multi-Function Printer cmdb_ci_mfp_printer true 
(MFP) 

Field Instruments Motion Control CAD CIO true 

Building Automation BACnet Router EMAD E Jor true 

Devices 

Field Instruments Field Device cmdb_ci_iot true 


Management 
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Call Management Premise Branch cmdb_ci_hardware true 

Systems or Exchange (PBX) 

Accessories 

Building Automation Leak Detection cmdb_ci_iot true 

Devices 

Industrial Industrial Wireless LAN cmdb_ci_wap_network true 

Networking 

Audio and Visual Smart Earpiece cmdb_ci_media_player true 

Equipment 

Computers Other cmdb:.cl_ Computer true 

Printers 3D Printers cmdb ci printer true 

Building Automation Intrusion Detection and cmáb ci security true 

Devices Access Control 

Networking Device Access Servers cmdb_ci_server true 

Field Instruments Measurement Systems CHhdb Cl 10t true 

Networking Device Server Load Balancer cmdb_ci server true 

Industrial Control Programmable Logic emab pic true 

System (ICS) Controller (PLC) 

Building Automation Lighting and Control cmdb_ci_iot true 

Devices 

Computers Desktop cmdb_ci_pc_hardware true 

Wearable Devices Smart Watch cmdb_ci_wearable true 

Storage Devices Other cmdb_ci_storage_device false 

Building Automation Power and Energy cmdb_ci_iot true 

Devices Monitoring 

Networking Device Print Server cmdb_ci_server true 

Printers Thermal Tape Printers cmub «tr printer true 

Networking Device Modem cmdb_ci modem netwo true 
rk 

Networking Device Terminal Server cmdáb ci netgear true 

Wearable Devices Wearable Camera cmdb_ci_wearable true 

Building Automation Fire Safety cmdb_ci_iot true 

Devices 

Industrial Other cmdb_ci_netgear true 

Networking 

Communication Video Phone cmdb_ci_hardware true 

Devices 

Industrial Control Safety Instrumented cmdb_ci_manufacturing true 

System (ICS) System (SIS) 

Industrial Industrial Media cmdb_ci_netgear true 

Networking Converter 
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Communication Answering Machine cmdb_ci_hardware true 

Devices 

Mobile Tablet cmdb_ci_hardware true 

Communication Keyphone System cmdb_ci_hardware true 

Devices 

Field Instruments Robots cmdb_ci_iot true 

Printers Other cmdb_ci_printer true 

Networking Device Wireless Fidelity Base cmdb_ci_wap_network true 
Stations Wifi 

Virtualized Virtual Machine cmdb_ci_vm_instance false 

Industrial Industrial Serial Device cmdb_ci_hardware true 

Networking Server 

Industrial Control Other cmdb_ci_manufacturing true 

System (ICS) 

Printers Inkjet cmdb_ci_printer true 

Audio and Visual Projector cmdb_ci_display true 

Equipment 

Field Instruments Smart Meter cmdb_ci_iot true 

Industrial IoT Gateway cmdb_ci_iot_gateway true 

Networking 

Networking Device Switch cmdb_ci_ip_switch true 

Industrial Communication cmdb_ci_netgear true 

Networking Processor 

Audio and Visual Smart Speaker cmdb_ci_media_player true 

Equipment 

Computers Server cmdb_ci_server true 

Appendix 


The below table shows the mapping between ServiceNow fields and Qualys. 
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Qualys UI Field 


qualys_asset_id Qualys Asset ID 

name Asset Name 

company company 

created First Seen (On Connector Screen) 
department Department 

environment Environment 

ip address IP Address 

last updated Last Updated Date (On Connector screen) 
location Assigned Location 

managed by Managed By 

owned, by Owner/Custodian 

status otatus 

supported. by Supported By 

support group oupport Group 


Business App Metadata 


ServiceNow Field Label 


Qualys UI Field 


name Business App Name 
business criticality Business Cniticality 
environment environment 
managed, by Managed By 

owned, by owned, by 
supported. by Supported By 
support group support Group 


operational status 


Operational Status 
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Migration Support 


We provide you with migration scheduled job to assist you with data migration from your 
previous versions of Qualys CMDB Sync App to the latest version of the app. The Qualys 
CMDB Sync App 2.1 provides you with usage of out of box production tables by 
ServiceNow. 


Once upgrade to 2.1 version and before you sync assets or create schedules, we 
recommend you to migrate assets available in computer extended tables to out of box 
production tables provided by ServiceNow. To ease migration task, we provide you with a 
scheduled job for migration of assets (optional). 


Why Migration Needed? 


In the previous versions, the assets were spread across various extended tables such as 
computer extended table or software extended table. Once you upgrade, if we do not opt 
for migration, the assets in these extended table may not be transformed to the correct 
tables in production as per thew new CI class mappings. To prevent this issue, you need to 
migrate the assets from the computer extended tables. You can activate the scheduled job 
to initiate the migration of assets (approved assets). 


Get Started 


We provide the you with ready to use Migration 1.x app scheduled job. The function and 
frequency of execution this job 1s explained below. You can always update or change the 
frequency of the scheduled job as per your needs. 


Migration 1.x- By default, this job is deactivated. The purpose of this job 1s only for 
migration of assets that belong to Computer Extended table and need to be migrated to 
production tables. 


Assets that belong to Computer extended table are migrated to the respective CMDB 
tables on production. For example, assets in computer extended table that belong to 
Windows server are migrated to the Windows Server CI class. 
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Steps to execute migration 1.x job. 
1. Go to App Scheduled Jobs and click Migration 1.x job. 


Scheduled Jobs | New | Search Name Y 1 tollofll 


Y All> Application = Qualys CMDB Sync> Class = Scheduled Script Execution 


= Name A = Class = Updated 

Auto Approval Processor Scheduled Script Execution 05/10/2020 11:56:53 

Auto Approval Processor2 Scheduled Script Execution 05/10/2020 11:57:02 

Download Processor Scheduled Script Execution 06/20/2019 05:40:48 
O Download Processor 2 Scheduled Script Execution 06/20/2019 05:40:51 
© Download Processor 3 Scheduled Script Execution 06/20/2019 05:40:55 
© Fetch Qualys Asset Groups Schedule Scheduled Script Execution 06/10/2020 19:18:05 

Fetch Qualys Asset Tags Schedule Scheduled Script Execution 06/20/2019 05:43:34 
© Migration 1.x Scheduled Script Execution 06/10/2020 20:39:21 


© Qualys Sync Queue Cleanup Job Scheduled Script Execution 06/20/2019 05:43:38 


2 Click Edit. 


3. Select Active check box to enable activation. 


| = Migration Lx 


db You are editing a record in the Qualys CMDB Sync application (cancel) 


Periodically 
Application Qualys CMDB Sync 
»k Repeat Interval Days | 0 
Starting 05/30/2020 10:32:40 


Conditianal 


Run this script (9 $ L| E d : | @ || | ME. 


1 var obj = new x qual5 itam app.MigrateExtendeuTublei); 
2 nbj.migrateAssetz(1BB8); 


Update Execute Now Delete 


If activated, the default configured frequency is 100 assets for every 15 minutes. You can 
also alter the frequency to suit your requirements of asset migration. 


4. Click Update. 


Alternately, you could click Execute Now to immediately run the job. 
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Qualys CMDB Sync App 
Migration Support 


Once the job is executed, the application logs reflect migration. Once the migration is 
completed, the application log lists the number of assets are migrated. 


If any assets fail to migrate, the Migration State and Migration Notes indicate that the 
migration has failed. Migration Notes field is available only for assets whose criteria is 
defined by Identification engine rule. For assets using transform maps, only migration 
state is available. 


To trigger migration for failed migration assets, reset the migration state to None for all 
such assets and clear the Migration Notes field. 


Once, all the assets are migrated, you can de-activate the Migration 1.x job. 
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